do I need to think about Payment Services Directive 2 (PSD2)?

Discussion in 'Ecommerce Forum' started by wood1e2, Dec 2, 2020.

  1. wood1e2

    wood1e2 UKBF Ace Free Member

    2,158 167
    I have been sent a couple of eamil from Paypal and another from Sagepay saying that the 'December 31st deadline is coming up for PSD2

    'This is a reminder to get your business ready to process transactions with Strong Customer Authentication (SCA), under the Payment Services Directive 2 (PSD2).'

    What I can't work out is do I need to bother? my customers are taken to SagePay.com and PayPal.com to pay for my services/goods... So I presume SagePay and PayPal will have to make sure they are compliant?

    I do not take payment or collect card details on my site. So I presume I don't have to worry about this?

    Maybe I am wrong?
     
    Posted: Dec 2, 2020 By: wood1e2 Member since: May 2, 2007
    #1
  2. Alan

    Alan UKBF Legend Full Member - Verified Business

    6,726 1,855
    A lot will depend on the software that is communicating with SagePay.com & PayPal.com. It is most likely that it is all OK if it the recent, common and well supported software.

    I can't speak for your specifics, but recently software I was using for Stripe.com was not using their SCA compliant API and I had to make significant updates.
     
    Posted: Dec 2, 2020 By: Alan Member since: Aug 16, 2011
    #2
  3. IWW Limited

    IWW Limited UKBF Contributor Full Member

    52 8
    As Alan mentioned, it does depend on how your payment gateway is setup.

    If you use a hosted basket and payment gateway then you should be fine, if it's self-hosted then you will need to comply.

    SagePay and PP will likely stop payments going through for companies which are not compliant and self-hosted.
     
    Posted: Dec 2, 2020 By: IWW Limited Member since: Oct 16, 2020
    #3
  4. WolandPetrov

    WolandPetrov UKBF Newcomer Free Member

    6 0
    I believe that all will be okay, don't care about it
     
    Posted: Dec 2, 2020 By: WolandPetrov Member since: Dec 2, 2020
    #4
  5. wood1e2

    wood1e2 UKBF Ace Free Member

    2,158 167
    hi thanks

    but I presume if my customers are taken from my website to another website, ie PayPal or SagePay then they should handle the security etc? Not me?

    For one I do not have access to their payment pages?!?!
     
    Posted: Dec 3, 2020 By: wood1e2 Member since: May 2, 2007
    #5
  6. Simon-TP

    Simon-TP UKBF Regular Full Member

    125 29
    Strong Customer Authentication is version 2 of 3D Secure. If you are not using an i-frame on your website to collect card data then yes it should be down to the payment provider to make arrangements although you make need to update your integration version so best to check direct with your provider.
     
    Posted: Dec 4, 2020 By: Simon-TP Member since: May 5, 2020
    #6