Smart Payment Association (SPA) considers that the new Payment Service Directive (PSD 2) draft represents a significant restructuring of financial regulation applicable to retail payments. Its chief goals are to increase competition in the retail payments market, and to give European citizens the confidence of a reinforced legal system that works for, and protects, them. It is hoped that this confidence will contribute to the wide adoption of innovative payment instruments – an objective for SPA members expressed in its position on the Green Paper ‘Towards an integrated European market for card, internet and mobile payments’ in 2012.
SPA therefore welcomes the legal support the Directive offers to electronic payments initiated with personal devices and adapted to open networks.
While technology neutral, SPA believes there remains a strong need to support the European industry in its effort to promote the smart card. It is smart card technology that enables payments interoperability, alongside the highest levels of standards-based security and payer convenience. In addition, because smart cards are marketed in different hardware form factors adapted to different devices, they allow traditional bank card payments to be securely and conveniently extended to other channels – including mobile and internet open networks.
Furthermore, smart card-based technology offers the natural security and data protection advantages of ‘user possession’ when compared to cloud-based alternatives. The centralized nature of cloud systems creates a very real target for hackers – their servers being vulnerable to large scale attack. The user-owned and decentralized smart card, in contrast, does not.
It is therefore accurate to view smart card technology a true driver for safe innovation – a central objective of the new regulatory framework.
SPA believes the new release of the PSD will have a major impact on the retail financial services industry for years to come: not least because the Directive extends regulatory framework to cover new legal entities seeking to provide payment services. We share the view that trust in the SEPA retail payment systems can only be achieved if all the players participating in the payment value chain are properly regulated – and that no gaps are apparent.
SPA also maintains the importance of strengthening standardization efforts – outlining our own investment and commitment in this area through our work within the EPC- Cards Stakeholders Group (CSG), representing the Vendors Sector. Along with the other CSG stakeholders, SPA has driven the drafting and public consultation of the first SEPA specifications for remote payments, covering both functional and security aspects. Here the objective was to agree on a common core of requirements that protect the consumer regardless of the card payment instrument used – a traditional debit/credit card in a retailer terminal, a mobile device or a personal computer connected to Internet. SPA considers that these CSG initiatives are perfectly aligned to the objectives of the PSD. We therefore recommend that the CSG should continue to play a central role in the development of the SEPA for cards standards.
Finally, we feel it important to warn of the potential conflict in the provision and requirement of future laws relating to retail payment systems, eg, data protection and the fight against financial crime. Here, SPA considers that additional insight and investigation is required in order to better understand how technology may offer a harmonized and standardized technical solution.