PSD2 Compliance in Zoho Books

Zoho Books | September 13, 2019 | 2 min read

The Revised Payment Services Directive, also known as the PSD2, is a set of regulatory guidelines laid down by the European Union (EU) for finance, banking, and payment service companies. These regulations aim to improve the protection of consumer information, provide a common platform for competing organizations, and prevent payment fraud. PSD2 regulations apply not only to banks but also to companies that create apps for services like making payments, managing bank feeds and tracking expenses.

PSD2 compliance in Zoho Books

Competition between companies to either work with or create these apps has sparked many new businesses to enter the market. With all of these players, EU legislators came up with the PSD2 regulations to build a bridge between the service provider and the customer, enabling a hassle-free pathway for accessing financial information in a secure way.

Key aspects of PSD2

With the introduction of PSD2, two primary aspects have come into play: Strong Customer Authentication (SCA) and Third-Party Providers (TPPs).

SCA is a regulation to decrease the possibility of fraud while making an online payment. With the implementation of SCA, customers will have to go through multi-factor authentication (MFA), providing two of the following:

  • Something they “know,” like a password or pin

  • Something they “have,” like a phone or smart card

  • Something they “are,” referring to biometrics like fingerprint or facial recognition

TPPs are broadly categorized into Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). AISPs collate the account information of an individual from their various banking institutions and gives them an overview in one place. On the other hand, PISPs are third-party companies that provide payment services. Under PSD2, PISPs can initiate a payment on behalf of their customers by abiding with SCA.  

Zoho Books and PSD2 compliance: What to expect

Banking

Zoho Books is making the necessary adaptations to be PSD2 compliant. That means, Zoho Books will disconnect the automatic import of bank feeds from banks that are under the purview of PSD2 from September 14, 2019. We are closely working with an alternate third-party provider and the banks to support the automatic import of bank feeds in Zoho Books. We will notify you as soon as we support automatic feeds for your bank. Until then, you will have to import the bank feeds manually to view them in Zoho Books.

Payments

As Zoho Books works with multiple payment platforms, we’ve been striving to ensure that the integrations with them are PSD2 compliant. Some have already complied while others are expected to comply by September 14, 2019. The status and the additional steps you must follow to adhere to PSD2 for each payment gateway is detailed in the Integrations page in Zoho Books. To check, go to Settings > Integrations > Customer Payments.

Compliance dates

The UK’s Financial Conduct Authority (FCA) has provided a 6-month extension for TPPs and an 18-month extension for banks to be PSD2 compliant. However, in the EU, be aware that the deadline to adhere to PSD2/SCA varies from country to country.

All payment integrations in the Zoho Finance products such as Zoho BooksZoho InvoiceZoho SubscriptionsZoho Inventory, and Zoho Expense will be PSD2 compliant on September 14, 2019, regardless of the extensions provided by the regulatory authorities.

 

PSD2 glossary

  • PSD2: Revised Payment Service Directive

  • AISP: Account Information Service Provider

  • PISP: Payment Initiation Service Provider

  • XS2A: Access to Accounts

  • IAM: Identity and Access Management

  • ASPSP: Account Servicing Payment Service Providers

  • SCA: Strong Customer Authentication

  • FCA: Financial Conduct Authority

  • TPP: Third-Party Service Provider

This site uses Akismet to reduce spam. Learn how your comment data is processed.