Since the launch of PSD1 (Payment Services Directive) in 2007, Europe’s payment landscape has gone through waves of transformation. PSD2, which took effect in 2018, brought Open Banking and Strong Customer Authentication (SCA) into the spotlight. While it drove innovation, it also exposed challenges: inconsistent implementation, unreliable APIs, and friction in customer experiences.
Now comes PSD3, the next evolution of EU payment regulation. More than an update, PSD3 expands the scope of financial services regulation, strengthens consumer protections, and creates a fairer playing field between traditional banks and fintechs.
For financial institutions, fintech providers, and businesses operating in the EU, PSD3 is both a compliance requirement and an opportunity to innovate. In this article, we’ll break down what’s new, how it differs from PSD2, who it affects, and how companies can prepare.
What PSD3 Aims to Achieve
PSD3 (Payment Services Directive 3) is the EU’s latest step to modernize financial services. Its core goals include:
-
Stronger consumer protection: Broader rights to refunds for fraudulent transactions, clearer account statements, and full disclosure of hidden charges (e.g., cross-border ATM fees).
-
Coverage of new payment methods: BNPL (Buy Now Pay Later), instant payments, and even crypto transactions are brought into the regulatory framework.
-
Open Banking 2.0: Banks must publish quarterly API performance reports, improve reliability, and allow third-party providers to build fallback interfaces when APIs are non-functional.
-
Leveling the playing field: Non-bank payment institutions will be able to hold customer funds directly with central banks, enhancing trust and market stability.
In short, PSD3 aims to make financial services safer, fairer, and more future-ready.
PSD2 vs PSD3: Key Differences
While PSD2 was revolutionary, its rollout exposed major gaps. PSD3 seeks to fix these pain points:
-
Unreliable APIs → Mandatory performance reporting
-
Banks blocking third-party access → Interfaces must be made available
-
Lack of customer visibility → Permission dashboards required
-
Weak data standards → Enforceable data sharing improvements
Adjustments to Strong Customer Authentication (SCA)
-
Subscription payments require authentication only for the first transaction.
-
Two factors from the same category (e.g., two passwords) are permitted.
-
Mail Order/Telephone Orders (MOTO) and Merchant Initiated Transactions (MIT) remain exempt.
-
Accessible SCA methods must be provided for elderly or disabled users.
These changes aim to reduce friction for users while maintaining strong security standards.
Compliance Challenges Under PSD3
For businesses, PSD3 means new obligations and investment in compliance:
-
Authentication redesign: Payment providers must adapt SCA flows without hurting user experience.
-
API upgrades: Institutions can no longer delay or under-deliver—API performance will be closely monitored and reported.
-
Transparency requirements: Financial institutions must clearly disclose conversion rates and fees.
-
Accessibility: Services must be inclusive for people without smartphones or those requiring accessible options.
While these demands add complexity, they also raise industry standards, improve consumer trust, and reduce fraud.
How Businesses Can Prepare
To stay competitive under PSD3, companies should act early:
-
Review authentication processes: Redesign SCA flows to balance compliance and customer experience.
-
Upgrade APIs: Ensure systems are high-performing, and prepare fallback options for third-party providers.
-
Audit transparency practices: Make sure fees and exchange rates are fully disclosed.
-
Adopt virtual card solutions: Virtual cards can help businesses comply with new rules, prevent fraud, and improve cross-border payment efficiency.
Here, Buvei ’s virtual card solutions provide a powerful tool for compliance and innovation. Buvei enables:
-
Real-time transparency for cross-border payments
-
Robust fraud prevention and risk controls
-
Flexible expense management and permission settings
-
Seamless integration with Open Banking ecosystems
By leveraging Buvei , businesses can not only adapt to PSD3 but also build a more secure and user-friendly payment environment.
Conclusion
PSD3 is not just an update—it’s an evolution. It introduces stricter rules on consumer protection, stronger Open Banking requirements, new fraud prevention measures, and greater market fairness. While compliance will require effort and investment, early adopters will be better positioned to lead.
For businesses navigating the complexities of digital finance, virtual card platforms like Buvei can be a strategic advantage—helping reduce risks, streamline compliance, and unlock new opportunities in Europe’s modernized payments landscape.
PSD3 represents change, but it also offers the chance to create smarter, more inclusive financial products. Those who prepare now won’t just survive—they’ll lead.If you have any questions about opening a virtual card account, the Buvei customer service team is here to provide you with professional answers. Let us help you embark on your smart financial journey and easily control every purchase!
