PSD2 is a review of the original Payment Services Directive, that will come into play on September 14th 2019.

The purpose behind it is to:

  • Improve upon existing rules in regards to digital payments
  • Make digital payments easier and safer 
  • Promote innovative mobile & internet payment services

With this update, a double authentication (a Strong Customer Authentication) is now required to authorise the customer’s transaction. 

Image cred: unsplash

Why is it necessary?

With the rise of fraud (stolen/duplicated cards) over the last few years, it’s caused a major issue for businesses, banks and everyone in between, so you could say the double authentication system is necessary at this stage, and should limit cases of fraud that have been occurring, which in turn, will benefit customers. Its roll-out will also help to facilitate new technological advances like mobile payments.

How will it work and who will it affect?

It will require all payments to be authorised by two of the following: a pin/password, a credit card, and touch or voice ID. This will affect everyone in the European Union (both the person making the payment and the person requesting the payment need to be in Europe), and yes, it applies regardless of the Brexit outcome! 

So, this means…?

Basically, your customers will be required to provide two authentication factors for every purchase they make on your website. So even if no payment is taken at the time of a booking, the two-factor authentication will still be required on the customer’s part. Not ideal. 

If the reservation is paid at the time of booking, the two-factor authentication is required then, and at this stage it’s not confirmed whether it’s required again at time of check-in. 

Will it affect your online conversion rate? Potentially, is the answer. It’s something we’ll all need to adapt to, hoteliers and customers alike. 

Are bookings made through OTAs affected too?

Yes, customers will be required to complete a two-factor authentication if they book through an OTA too, and in fact, OTAs may be forced to request full payment up front in more cases. 

What are Net Affinity doing to get ready for this change?

Net Affinity are updating our systems and working with our payment integration partners to ensure that all relevant work is completed well before the roll out date of 14th September 2019. At this stage, we don’t foresee our clients needing to do anything in regards to the booking process, but we will update you if this changes.

And what do I need to do?

First and foremost, you will need to update your Terms & Conditions and Privacy Policy on your website to ensure you are covered with this new PSD2 legislation. 

Talk to your payment provider and ensure they are ready for this new EU directive. They will let you know if you need to do anything additional at this point.