Skip to main content

Challenges and opportunities for related to implementing PSD2

Manuel Giner, Avantio’s CEO, explains the challenges and opportunities of the PSD2.

 Implementing PSD2, the new European regulation on payment services, is just around the corner. Banks and payment processors strive to adapt their systems to the September 14 deadline.

It will undoubtedly be a revolution for the sector because of the important objectives it pursues and a new concern for property managers, who will have to adapt to the new scenario.

But, as we will explain later, it will also be a great opportunity to work better and more safely.

What is the purpose of the implementing PSD2?

The PSD2 or Payment Service Directive is a European standard whose objective is to increase the security of electronic commerce. It aims to reduce online payment fraud and the fearsome “charge backs” that are already reaching alarming levels in Europe.

However, as we will see, it only succeeds in part, since there are transactions that for the moment are still outside the protection of the PSD2.

Another of its objectives is to increase competition and reduce the costs of online payments, freeing access to banking interfaces.

It aims to open the market to new competitors and new proposals to make electronic commerce more agile, facilitating new biometric authentication methods or via mobile

Why should implementing PSD2 worry us?

Because if you are a property manager based in Europe, as of September 14, payments made online with cards issued by European banks will require double authentication.

What does this mean? that customers when paying online may be forced by their bank to enter a PIN (or other proof) that they are the cardholders.

Therefore in September the property managers will have to make sure that the booking engine they have on their website is adapted to the new 3DS2 secure payment standard.

If the payment platform or the booking engine provider has not done its job and adapted the system, charges may be rejected and direct reservations would be lost.

What about the offline card charges?

At the moment the operations done by telephone or email, those initiated by the property manager (MIT merchant initiated transactions), are exempt from PSD2.

For practical purposes this means that the credit cards we receive from Booking, Expedia, Homeaway or other portals or our website may continue to be charged manually at the POS, without the need for authentication by the end customer.

However, these charges, being outside the PSD2, now more than ever may be subject to charge backs.

There is therefore a “security hole” or temporary exception that allows European regulations, so some charges will be safe and others will not be safe and others are not.

Effects on direct web sales

Another problem we can face is the possible loss of conversion of our website. If we now force the buyer to verify their identity, there may be transactions that do not come to fruition, either because the bank’s verification system fails or because the client does not complete the process.

Moreover, if OTAs such as Booking or Homeaway have more agile booking engines, and decide not to request double authentication (since they do not charge), it could be the case of a transfer of direct sale reservations to these OTAs, in which customers could book more easily.

An effect that perhaps the European Community did not think of, but one that can harm small businesses at the expense of large distributors.

Therefore, we must be very aware from September of the conversion figures of our website and tourists abandoning the booking process.

What is the future of payments?

We believe that in the medium term and as the market and technology adapts to the new scenario, all transactions in electronic commerce will require double authentication. In this way the objective of the PSD2 will be fully achieved.

Paying will be then using our fingerprint on a sensor or a camera that will recognize our face and validate the payment.

This “authentication” may “travel” with the transaction and not necessarily who makes the sale will have to make the payment.

Offline payments, in which we manipulate customer card numbers to enter them in a POS will disappear, since they pose a significant risk of fraud, since these numbers can be copied once they are no longer in a secure environment.

In fact, this operation is increasingly restricted by the PCI – DSS (Payment Card Industry Data Security Standard) protocol established by VISA, MasterCard and the main card processors, which imposes heavy restrictions on this practice and significant fines to businesses that don’t follow these measures.

Why is implementing PSD2 an opportunity?

Implementing PSD2 is an opportunity to adopt an advanced payment platform that apart from complying with PSD2 and increasing payment security, helps us to be more efficient and competitive.

This platform should be able to check the risk of unverified cards and then store the cards (tokenize them).

This tool opens up new possibilities for property managers, who can now adopt more flexible payment policies and increase the conversion of their website.

This is what Airbnb has recently implemented, which gives the customer the choice if they want to pay the entire amount at the time of booking or only a small part.

It will also facilitate the sale of services added to the reservation, since we will not have to ask the customer for their payment information again.

Avantio’s solution to achieve these advantages and many more is Avantio Payment (Apay).

Avantio Payment is a payment and card management system fully integrated in the management software, which is a total revolution since it allows operations from the same system and allows you to automate many processes that until now had to be done manually or entering the platform of payment.

With Apay we can:

  • Automate the second payment of reservations.
  • Automatically check if the cards that arrive from the portals are valid and have a low risk.
  • Manage rejected cards effortlessly, since Avantio Payment creates an alert and requests a new one from the client.
  • Perform card blockages for bonds or preauthorizations automatically.
  • For telephone reservations, we can send a secure payment link by email to close the sale instantly.
  • Offer customers who have already booked additional extras or day of stay, charging automatically if they accept the offer.
  • Reduce chargebacks by sending a secure payment link by email in case of high-risk cards or last minute bookings.
  • In addition, Apay is compatible with several payment platforms and dozens of banks, which will allow property managers to choose the option that is most convenient or is most cost-effective.

The aims pursued by the directive, reduction of fraud and costs are very successful, although they will take time to fully comply.

They require an evolution of the technology in Banks and payment methods first, and then a change in the way the sector works, one of the few in which the customer’s card numbers are still being sent over the network without being encrypted and no possibility of being copied by third parties.

Property managers must adapt and start using advanced payment platforms that can store cards securely.

Want to know how OTAs are implementing PSD2 the new payment directive?