Glossary

June 27, 2021

PSD2

What is PSD2?

Due to the growth of online shopping and online payments, the EU enacted legislation to protect consumers and merchants. This legislation was updated with the Revised Payment Services Directive (PSD2), which is intended to create a more integrated European payments market with a level playing field for payment service providers, and has a strong emphasis on secure payments and protecting consumers, e.g. with SCA (Strong Customer Authentication). Another key development was the introduction of open banking by requiring standardized access to payment accounts via an API.

What does PSD2 mean for consumers?

The Revised Payment Services Directive (PSD2) gives consumers greater security when making online purchases. It has also led to the introduction of open banking, which allows for account to account payments and a range of financial services.

What is Strong Customer Authentication?

Strong Customer Authentication (SCA) is a requirement introduced in the EU’s Revised Payment Services Directive (PSD2) for authenticating online payments. It requires increased security for electronic payments with multi-factor authentication. Some transactions can be exempted from SCA. Online SCA exemptions include:

Low-value transactions: Exemptions are granted for transactions under EUR 30. However, issuers may demand SCA after five transactions or if the aggregated amount exceeds EUR 100.

Subscription and recurring transactions: Subscription or recurring transactions with a fixed amount are exempted from the second transaction onwards. SCA is required for the initial transaction or if the amount changes.

Mail Order and Telephone Orders (MOTO): MOTO transactions are not covered within the new standard.

Does SCA apply to credit cards?

SCA applies to online credit card transactions. The legislation was put in place to ensure payment providers improve customer authentication processes following the increased popularity of online shopping and online payments.

Further Information:

News

March 24, 2021

3-D Secure Now and Then

How does 3DSv2 improve the consumer experience?

Expertise

January 28, 2020

The Blessings of PSD2 and Open Banking

Merchants and customers trust IXOPAY to deliver immediacy, control, and convenience

Expertise

September 05, 2019

All you have to know about PSD2, 3DS2 and SCA

New user experience through seamless authentication for even more secure online purchases.

Partner	Name	Description	Duration
IXOPAY GmbH	cookiesConsent	Cookie Banner. Stores your cookie settings.	12 Months
IXOPAY GmbH	_fm	User centric security cookie to detect authentication abuses. Filters out computer/bot generated Website requests.	30 Minutes
Google Ireland Limited	reCAPTCHA	User centric security cookie to detect if a human being or a computer is making a specific entry in our contact or newsletter form.	6 Months
Cloudflare Inc.	cf_clearance	Used by Cloudflare (Website Security Network) to identify trusted web traffic, and protect our website against malicious activity (see Cloudflare's Cookie Informations).	30 minutes

Partner	Name	Description	Duration
Google Ireland Limited	_ga	Analytical cookie set by the service Google Analytics used to distinguish visitors. Collects data about number of visits and user journey.	2 years
Google Ireland Limited	_gid	Analytical cookie set by the service Google Analytics used to distinguish visitors. Collects data about number of visits and user journey.	24 h
Google Ireland Limited	_gat_ua-keynumber	Analytical cookie set by the service Google Analytics used to throttle the request rate, limiting the collection of data on Websites with high traffic.	Session
Google Ireland Limited	_ga_container-id	Cookie set by the service Google Analytics 4. The cookie is used to persist session state.	12 month
Microsoft Ireland Operations Limited	Clarity	Analytical service capturing your interactions on the Website such as how the page has rendered and what interactions you had on the Website (surfing behavior: mouse movements, clicks, scrolls). Microsoft collects or receives personal data from us to provide Microsoft Advertising (see Microsoft Privacy Statements). Sensitive content such as passwords, usernames, and user input are masked before sending to Microsoft.	12 months
Dealfront Group GmbH	_lfa	Analytical service that collects the visitor IP address to detect corporate visits and their geographic location. Leadfeeder only shows company visits, automatically filtering out all users visiting from residential IP addresses. All visit data is aggregated Dealfront Group GmbH / Analytical service that collects the visitor IP address to detect corporate visits and their geographic location. Dealfront only shows company visits, automatically filtering out all users visiting from residential IP addresses. All visitor data is aggregated on the company level (no reference to natural persons). Via a connection to Google Analytics, Dealfront shows company visitors' interactions on the Website (pages viewed, visitor source and duration of session). Dealfront also enriches that company data with contact data for individuals from publicly available data sources (eg. LinkedIn).	24 months

Partner	Name	Description	Duration
Google Ireland Limited	_gcl_au	Conversion-cookie set by the service Google Ads for assessing advertisement efficiency across our Websites and on websites of our marketing- & advertising partners.	3 months
Google Ireland Limited	_gac_gb_container-id	Cookie which connects Google Analytics und Google Ads. Google Ads website conversion tags will read this cookie.	90 days
Microsoft Ireland Operations Limited	Universal Event Tracking (UET)	Conversion-cookie set by the service Microsoft Advertising for assessing advertisement efficiency across our Websites and on websites of our marketing- & advertising partners. In general, the cookie in the relevant domain and your IP address are passed to Microsoft with every http request and not just via UET.	13 months