The payments landscape has been undergoing significant transformation since the implementation of the European Union’s revised Directive on Payment Services (PSD2) in 2018. PSD2 was initially seen as a compliance hurdle, but it quickly became a catalyst for innovation, competition, and fundamental changes across financial services. With the introduction of strong customer authentication (SCA) and open banking, financial institutions were encouraged to innovate and improve security measures.
Now, as the industry prepares for the next evolution, the new directive, PSD3, is set to build upon the foundation laid by PSD2. Expected to be formally implemented between 2026 and 2028, the news on PSD3 is that it will refine requirements around open finance, consumer protection, digital identity, and fraud management.
Now, as the industry prepares for the next evolution, the new directive, PSD3, is set to build upon the foundation laid by PSD2. Expected to be formally implemented between 2026 and 2028, the news on PSD3 is that it will refine requirements around open finance, consumer protection, digital identity, and fraud management.
Read on to learn how the new directive raises both challenges and opportunities for financial institutions, demanding a proactive approach to regulatory compliance while providing avenues for growth and innovation.
Key changes in PSD3 and their impact on compliance
Before exploring the potential gains beyond compliance, it’s critical to understand that PSD3 is not just an incremental update to PSD2; it represents a broader and more ambitious regulatory framework.
Here are some key changes and their implications for financial institutions:
- Scope expansion: Unlike PSD2, which primarily focused on payments, PSD3 extends its reach to include loans, savings, insurance, and investments. This new, broader scope requires financial institutions to adapt their compliance strategies to cover a wider range of financial services.
- Stricter authentication rules: PSD3 introduces stricter rules for SCA, expanding its application to more use cases and channels. Financial institutions will need flexible, future-ready authentication solutions to meet these requirements.
- Enhanced liability and consumer protection: PSD3 provides clearer allocation of liability and stronger consumer protection. Financial institutions must ensure their fraud controls are robust enough to avoid higher risk exposure.
- Advanced fraud detection: The new directive mandates investment in advanced, real-time fraud detection and risk-based authentication (RBA). Institutions will need to adopt sophisticated analytics and monitoring tools to stay compliant.
- Open finance and data sharing: PSD3 expands open banking to open finance, encouraging broader data sharing across financial services. This creates new opportunities for data-driven services and innovative business models.
- Integration with digital identity: PSD3 emphasizes the importance of digital identity, allowing banks to position themselves as trusted identity providers. This integration can enhance user trust and streamline authentication processes
Now, let’s take a look at how Entersekt can support your journey to PSD3 compliance… and beyond.
Leveraging Entersekt’s solutions for seamless PSD3 compliance
Entersekt’s patented security solutions have long provided a reliable path to PSD2 compliance, and they are well-positioned to help financial institutions navigate the new complexities of PSD3. Entersekt’s approach goes beyond mere compliance, focusing on strengthening fraud prevention, protecting revenue, and creating seamless customer experiences.
One of the core components of Entersekt’s solution is its SCA framework. By using digital certificates to uniquely identify registered mobile devices, Entersekt transforms them into trusted factors of possession. These certificates generate authentication codes for each transaction, ensuring the authenticity and integrity of digital transactions.
Additionally, Entersekt’s solution ensures the independence of SCA elements, using an end-to-end encrypted communications channel that is isolated from the transaction initiation channel. This guarantees that even if one element is compromised, the overall security remains intact.
Enhancing user experience through advanced authentication
While compliance is crucial, user experience should not be overlooked. The introduction of SCA under PSD2 initially caused concerns about customer abandonment due to increased friction. However, as solutions matured, secure and seamless authentication became a differentiator.
Under PSD3, the ability to deliver one-touch, mobile-first experiences will define new market leaders. Entersekt’s solutions empower customers to approve transactions in real time via a secured mobile app. Each authentication request includes contextual details, giving users control and confidence in their transactions.
Case studies have shown that Entersekt’s mobile-based authentication can significantly reduce card-not-present (CNP) fraud, increase digital payment volumes, and improve customer satisfaction and loyalty.
One bank, for example, was able to reduce CNP fraud by 70% and increased authentication success rates by 66% in the first month after migrating to Entersekt’s 3-D Secure platform.
By simplifying and streamlining their authentication, financial institutions can build trust and enhance user experience.
Turning PSD3 compliance into new engines of growth
PSD3 presents an opportunity for financial institutions to turn compliance investments into new engines of growth. By offering authentication as a value-added service across multiple channels—banking apps, e-commerce, call centers, and more—institutions can deepen customer engagement and drive innovation.
For example, another bank transitioned to Entersekt’s authentication for call center verification.
They were able to reduce authentication-related call volumes by 57% within the first year, resulting in significant operational cost savings, elevated agent productivity, and superior customer experience.
Entersekt’s flexible solutions are designed to evolve with regulatory changes, supporting convergence across channels and preparing institutions for both PSD2 and PSD3 compliance. By leveraging these solutions, financial institutions can reassert their position as trusted custodians of digital identities, offering secure and seamless experiences that foster customer loyalty.
Stay ahead of the PSD3 news
As the payments ecosystem continues to evolve, financial institutions face a choice: risk being reduced to utilities in the background or seize the opportunity to become trusted custodians of their customers’ digital lives. By investing in flexible, future-ready authentication solutions, banks can unlock new value-added services, deepen daily engagement, and reassert their place at the center of digital finance.
Entersekt helps make this future possible. More than just a compliance solution, our platform provides the foundation for financial institutions to innovate with confidence, delivering fraud-free security that builds trust today and prepares them for the opportunities of tomorrow.
By choosing Entersekt, financial institutions can ensure they are not only audit-proof but also future-proof. Download our latest ebook for more.
Check back soon for more PSD3 news!
