← Back

8 Minutes

Revolutionising Payment Systems – What PSD3 Can Look Like in 2023

Get ready for the next big revolution in payment systems with PSD3 in 2023! In this blog, we'll dive into the potential impact of this upcoming directive and uncover insights from industry consultations.


In this comprehensive article, we'll delve into the exciting world of PSD3, the upcoming directive set to revolutionize the payments industry.

In this article we cover:

  1. Evaluating the Goals of PSD2
  2. Potential Directions for PSD3
  3. PSD3 vs PSD2: Key Differences and Improvements
  4. When is PSD3 Coming?
  5. Potential Directions for PSD3 from Consultation Responses
  6. Conclusions – Potential Building Blocks for PSD3 and What to Expect in 2023

Evaluating the Goals of PSD2 and the Journey Towards Open Banking

Last year (May 10, 2022) the European Commission released three consultations which will play a key role in shaping the regulatory landscape for payment services throughout the EU. This marks the initial steps towards transitioning from PSD2 to an updated version of the directive, PSD3, which is designed to address the current challenges and requirements of the payment industry more effectively.

Before jumping into the current market challenges and future resolutions, let us revisit PSD2.

The primary aims and objectives of the PSD2 directive as formulated in the consultations:

  1. Improve the level playing field between the different categories of payment service providers
  2. Create an environment which stimulates innovation in payment services
  3. Make payments safer and more secure
  4. Ensure a high level of protection for PSUs across all EU Member States
  5. Strengthen consumers’ rights
  6. Making it easier to make cross-border payments within the EU
  7. Enable PSUs to have a wider choice between different types of payment service providers
  8. Improve the transparency of conditions when PSUs make use of payment 
  9. Contribute to lowering the cost of remittances through a more diverse and transparent market
'PSD2 has laid the foundation for a regulatory framework that fosters a dynamic and secure payments market'

PSD2 was originally drafted in response to the rise of digital-first Third Party Providers (TPPs), who were catering to evolving market needs and introducing new forms of value and innovation in the banking and financial services sectors, paving the way for open banking. While PSD2 faced certain challenges, its aims of establishing an integrated, competitive, and consumer-centric payments market in the EU, ensuring convenience and security, remain strong. It simplified online payment services, enhanced consumer protection against fraud and payment-related issues, promoted innovation, and adapted to changing payment needs. In short, PSD2 has laid the foundation for a regulatory framework that fosters a dynamic and secure payments market.

Potential Directions for PSD3 Based on Consultation Design and Market Trends

While the PSD3 regulation is currently in the developmental phase, it is evident that progress is being made. Taking into account consultations and market trends, PGC (PaymentGenes Consultancy) has delved into the potential building blocks of PSD3 and elucidated their significance in shaping the future directive. PSD3 aims to incorporate open finance principles for secure data sharing and competition, while optimizing Strong Customer Authentication (SCA) to reduce friction. These advancements, including standardized APIs and innovative authentication technologies, have the potential to revolutionize payment systems and shape the future of financial transactions.

1. New players and technology 

  • E-money
  • Crypto assets (including stablecoins)
  • Digital wallets
  • Payment processing services (incl. PSPs)
  • Operating payment systems and schemes
  • Buy-Now-Pay-Later (BNPL) 
  • and others that have the potential to revolutionize the industry. 

2. Regulations

  • Standardization: PSD3 seeks universal standardization of rules and regulations across countries, ensuring consistency in payment services practices.
  • Efficiency: The directive aims to enhance the efficiency of National Competent Authorities (NCAs), streamlining regulatory oversight and enforcement.
  • Licensing Process: PSD3 will review the licensing process for payments institutions (PIs) and third-party payment providers (TPPs), ensuring appropriate standards for entry, operation, and oversight.
  • Liability and Triangular Passporting: Provisions will be established regarding liability when PSPs engage third parties for service delivery. Additionally, triangular passporting regulations will be clarified to ensure accountability and transparency.
  • Alignment with GDPR: PSD3 aims to align GDPR more closely with the directive, safeguarding consumer information and establishing consistent data handling standards in the payment industry.

3. Data

  1. Developing more specific and precise standards for API (Application Programming Interface) specifications. The standardization of APIs is considered of utmost importance in building an open finance economy, as it has the potential to significantly enhance the quality of services and facilitate seamless integration among various stakeholders.
  2. Enhancing trust in the services provided by Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs): PSD3 will potentially evaluate the usage of existing open finance services like PISPs and AISPs, as well as gather insights on people's preferences for sharing additional financial data (mortgage, insurance, pensions, savings, investments) through Third-Party Providers (TPPs). Stringent data protection measures will be a priority in this evaluation.

4. Security 

  1. Current barriers and created process friction: PSD3 aims to identify and address the current obstacles and challenges that create friction in payment processes. By analyzing and rectifying these barriers, the directive seeks to streamline transactions and enhance the overall efficiency of payment systems.
  2. Revised Strong Customer Authentication (SCA) measures: PSD3 is expected to introduce updated SCA measures to strengthen the security of payment transactions. These measures may involve implementing advanced authentication procedures to ensure the accurate verification of the payer's identity, bolstering protection against fraudulent activities.
  3. Incorporation of additional security features: To effectively safeguard transactions, PSD3 may incorporate supplementary security features into payment solutions. These features will be designed to enhance the integrity of the payment process, providing users with greater confidence in the security and reliability of their transactions.
'PSD3 aims to incorporate open finance principles for secure data sharing and competition, while optimizing Strong Customer Authentication (SCA) to reduce friction'

Having explored the potential directions for PSD3 based on consultation design and market trends, it's crucial to delve into the key differences and improvements that PSD3 is expected to bring over PSD2. As we transition from PSD2 to PSD3, we anticipate a stronger focus on open finance, enhanced security measures, and a more streamlined regulatory framework. While the exact timeline for the release of PSD3 is yet to be confirmed, the European Commission's ongoing consultation process signals that the new directive is on the horizon. As we await further developments, let's delve into the potential directions for PSD3 based on consultation responses

PSD3 vs PSD2: Key Differences and Improvements

As we transition from PSD2 to PSD3, it's important to understand the key differences and improvements that are expected. PSD3 is anticipated to build upon the foundations laid by PSD2, with a focus on open finance, enhanced security measures, and a more streamlined regulatory framework.

Here are some of the key changes that PSD3 is expected to introduce:

  1. Strengthening Measures Against Payment Fraud: PSD3 is expected to introduce more robust measures to combat payment fraud, ensuring safer transactions for consumers and businesses alike.
  2. Unlocking Access for Non-Bank Payment Service Providers: PSD3 aims to provide non-bank payment service providers with access to EU payment systems, subject to certain safeguards. This includes the right for these providers to have a bank account, which could significantly broaden the competitive landscape.
  3. Improving Open Banking: PSD3 is set to enhance open banking by improving data interfaces, removing obstacles to open banking services, and giving consumers more control over their data access permissions. This could lead to more innovative services and a better user experience for consumers.
  4. Empowering National Competent Authorities: PSD3 is expected to empower national competent authorities with stronger enforcement powers, facilitating the implementation of rules and ensuring a more consistent regulatory environment across the EU.
  5. Enhancing Availability of Cash in Shops and at ATMs: PSD3 is also expected to improve the availability of cash in shops and at ATMs, providing consumers with more flexibility and choice in how they make payments.
  6. Consolidating the Legal Frameworks for Electronic Money and Payment Services: Lastly, PSD3 aims to consolidate the legal frameworks for electronic money and payment services, creating a more coherent and efficient regulatory environment.

When is PSD3 Coming? Anticipated Timeline and Key Dates

While the exact timeline for the release of PSD3 is yet to be confirmed, the European Commission has already begun the consultation process, indicating that the new directive is on the horizon. Stay tuned for updates on key dates and developments.

Potential directions PSD3 from consultation responses

Key input providers: EBA, Klarna, Wordline, Visa, Mastercard, Apple, Paypal, ETPPA

Current PSD2 coverage E-money Crypto Assets Digital Wallets Payment Processing Services Operating Payment Systems and Schemes BNPL Is the regulation framework applied consistently? EMD2 GDPR eIDAS SEPA SFD AMLD MiCA Digital Operational Resilience Act (Commission proposal) Access to and use of payments account data in PSD2 are adequate (Art. 66, 67 and 68) PSD2 ensures a safe sharing of payments data General SCA Fraud

In an effort to delve into the nuances of the payment industry, the European Commission conducted an extensive questionnaire, garnering responses from 200 prominent companies and organizations, including the European Banking Federation, Klarna Bank AB, WORLDLINE, Visa Europe Limited, Mastercard Europe, Apple, and PayPal. 

Through the analysis of these key responses, several significant findings have come to light, providing invaluable insights into the industry's current landscape and future trajectory.

1) Coverage:

One noteworthy revelation emerged from the analysis: the prevailing discontent among industry players regarding the present coverage of payment services under the PSD2. Notably, respondents widely concurred that Emoney and digital wallets should be integrated into the existing PSD2 framework. Additionally, the examination also unveiled an interesting trend - companies engaging in advocacy to promote their specific interests with regard to novel technologies and regulations.

2) European Payment Regulations:

The analysis shed light on the implementation of diverse European payment regulations, encompassing EMD2, GDPR, eIDAS, SEPA, SFD, AMLD, and MiCA. Remarkably, respondents exhibited a shared divergence of opinions concerning the consistent adherence to these regulations within the PSD2 framework. Among these, GDPR alignment emerged as a prominent concern, eliciting the highest level of dissatisfaction among companies.

3) Use of Payment Account Data:

A pivotal aspect explored in the questionnaire was the perception surrounding the use of payment account data in the industry. The majority of organizations strongly or somewhat disagreed with the adequacy of the existing practices. However, respondents generally agreed that PSD2 ensures the secure sharing of payment data, indicating a level of confidence in the framework's security measures.

4) Security:

Security emerged as a crucial facet within the payment industry, with respondents expressing an overall high level of satisfaction. Notably, all key respondents concurred on the need for moderation and amendments in Strong Customer Authentication (SCA). This collective viewpoint suggests a consensus among industry stakeholders, highlighting the necessity for a more balanced and user-friendly approach to SCA implementation.

5) Third Party Providers opinion:
The analysis of the questionnaire reveals that the European Third Party Providers Association (ETPPA) generally expresses dissatisfaction with the current framework of PSD2. Most of their responses are below neutral, indicating their discontent. The ETPPA raises concerns regarding the coverage of PSD2, consistency in regulatory application, adequacy of access and use of payment account data, and the level of safety ensured in the sharing of payment data. Overall, the ETPPA's view on PSD2 suggests that they perceive significant room for improvement in multiple aspects of the framework.

Conclusions – Potential Building Blocks for PSD3 and What to Expect in 2023

In conclusion, PSD3 has the potential to represent a significant step forward in the evolution of the payments industry, building upon the accomplishments of PSD2. While we await the official details of PSD3, it is important to recognize the need for continued innovation, competition, and security within the payment landscape.

The identified areas of concern and improvement highlighted in the EC questionnaire offer valuable insights for decision-makers and policymakers. By incorporating these insights into future regulations and practices, industry stakeholders can collectively work towards fortifying the coverage, transparency, and security of the payment industry.

As we anticipate the unveiling of PSD3, it is crucial to acknowledge that the potential building blocks discussed in this article are speculative. Without a crystal ball, it is impossible to predict the exact provisions of PSD3. However, by addressing the challenges and opportunities presented by the rapidly evolving payments landscape, industry participants can pave the way for a more resilient and consumer-centric ecosystem.

While we eagerly await the official announcement of PSD3, let us remain open to the possibilities it may bring and remain committed to shaping a payments industry that serves the needs of businesses and consumers alike.

Ultimately, the success of PSD3 will depend on the industry's ability to foster trust, promote innovation, and prioritize the security of transactions. By embracing the lessons learned from the EC analysis and adapting to the changing needs and challenges of the industry, stakeholders can collectively navigate towards a future where payments are safer, more efficient, and better aligned with consumer expectations.

While we eagerly await the official announcement of PSD3, let us remain open to the possibilities it may bring and remain committed to shaping a payments industry that serves the needs of businesses and consumers alike.

About PaymentGenes

PaymentGenes is a leading consultancy & recruitment firm specializing in the FinTech and Payments industry. With a global presence and a team of industry experts, PaymentGenes provides tailored solutions to businesses, helping them navigate the complex landscape of payments, technology, and regulations.

PaymentGenes offers a comprehensive range of services, including strategic consulting, recruitment, interim & knowledge development. Their expertise spans across various areas of the payments value chain, including card and digital payments, risk management, compliance, open banking and emerging technologies.


The following appendix provides a concise reference of key acronyms and terms related to payment services, regulations, and industry stakeholders for easy access and understanding.

AIS: Account Information Service, AMLD: Anti-Money Laundering Directive, API: Application Programming Interface ,BNPL: Buy Now Pay Later, EC: European Commission, EEA: European Economic Area, EMD2: Electronic Money Directive 2, EU: European Union, GDPR: General Data Protection Regulation, MiCA: Markets in Crypto-Assets Regulation, NCAs: National Competent Authorities, PISP / PIS: Payment Initiation Service Provider / Payment Initiation Service, PSD2: Payment Services Directive 2, PSU: Payment Service User, PSP: Payment Service Provider, PGC: Paymentgenes Consultancy, SCA: Strong Customer Authentication, SEPA: Single Euro Payments Area, SFD: Strong Customer Authentication and Secure Communication under PSD2, TTP: Trusted Third Party, eIDAS: Electronic Identification, Authentication, and Trust Services

Note: The appendix contains relevant acronyms and terms in alphabetical order for easy reference.

Related articles