The revised Payment Services Directive (EU 2015/2366, also known as PSD2) came into force on 12 January 2016 and for most of the provisions, Member States will have until 13 January 2018 to implement them into national laws. The most debated and impactful parts of the PSD2 are related to the provisions on strong customer authentication for online payments and on the introduction of new 'payment initiation and account information services', operated by third party providers. The PSD2 security measures related to third party account access and to strong customer authentication will enter into force 18 months after the adoption by the European Commission of the necessary technical standards, to be developed by the European Banking Authority EBA in close cooperation with the European Central Bank.
It is currently unknown what level of detail the EBA technical standards will have, as EBA will probably have to balance between a high degree of prescription in the standards on the one hand and customer convenience and future innovation on the other hand. Several different organisations in Europe have already worked on high-level business and functional requirements. The most recent Berlin Group Plenary meeting of 25 February at Visa Europe in Madrid decided to include appropriate detailed technical implementation standards for the PSD2 topics on account access for account information and payment initiation services, connected to the requirements on strong customer authentication, into the scope of its NextGen activities (as a separate NextGen workstream). A dedicated NextGen PSD2 Taskforce of banks, banking associations, card schemes and interbank processors across Europe has started to work on an 'Access to Account Framework' with detailed data modelling (at conceptual, logical and physical data levels) and associated messaging. Considering the stringent timelines needed for implementation, the NextGen PSD2 Taskforce aims to publish a full 'Access to Account Framework' with Operational Rules and Implementation Guideline documents in the Autumn of 2017.
As an open interoperability standards and harmonisation initiative, the NextGen PSD2 Taskforce activities are open for participation to any interested and committed national or international payment scheme, bank, banking association or payment processor working in SEPA, and which can be implemented by any interested market participant, not necessarily only by Berlin Group members.