PSD2 - Content and Deadlines
Payment Services Directive 2, or PSD2 for short, is an update of the European Union's payment guidelines, which were established in 2007. Probably the most relevant part of the new regulations is the change for electronic payments. With the introduction of Strong Customer Authentication (SCA), all online payments must now be authenticated by two of the following three factors:
Something you know
Something you have
Smartphone, Credit card, Wearable
Something you are
Fingerprint, Face recognition
In order to complete an electronic transaction, two of the three factors mentioned must now be successfully fulfilled.
Payments by direct debit and bank transfers are completely excluded for 2-factor authentication. Small transactions, a whitelist, payments between companies, payments in the form of subscriptions or mail/telephone orders are excluded from the regulation under certain conditions.
In order to ensure that online bookings can continue to be made without problems on the hotel's own website, you should double check the details with your payment provider.
If the credit card is required as security for a reservation or to debit a deposit, this security will lose its value in the future. For no-shows and cancellations, it will be even more difficult for the hotelier to collect the agreed fees in the future. If prepayments for bookings via OTAs are not processed directly via virtual credit cards, the guest's credit card data must be manually entered into the hotel's own terminal and debited as before. However, this will probably no longer be possible in the future due to the SCA guidelines.
The new EU regulation entered into force on 14 September 2019. This means that a Strong Customer Authentication is obligatory for every payment on the Internet. However, the European Banking Authority (EBA) has provided the national supervisory authorities with the option of granting a temporary postponement for the service providers concerned, but there is currently no uniform solution across Europe.
The German financial supervisory authority Bafin thus declared that payments are still permitted until 31.12.2020 even without the stricter SCA regulations. The Austrian Financial Market Authority (FMA) has also granted a postponement of the implementation period for strong customer authentication until 31 December 2020. The authorities in Italy, Ireland and the Netherlands have also extended their deadline to the merchants.
Stay up to date and sign up now for our monthly newsletter.
Hotel cancellations pose a great challenge
In recent years there has been a rapid increase in hotel cancellations. More and more frequently, guests tend to cancel their room reservation. In...
Subsidy: KMU Digital 2.0
The Federal Ministry for Digitisation now offers Austrian small and medium-sized enterprises the opportunity to apply for the subsidy KMU Digital 2.0...
Requirements for the digital registration form in Germany
The digital registration form has been approved by the German Federal Cabinet in 2019 and will digitize and simplify the guest registration process...