PSD2: the EU’s new payment services directive

PSD2, Europe’s second payment services directive, will go into effect on September 14, 2019. The purpose of these revised regulations is to increase security, reduce fraud, stimulate competition and improve efficiency across the payments ecosystem. PSD2 also introduces new requirements known as Strong Customer Authentication (SCA), which is a key component to reducing fraud. 

SCA will impact all countries within the European Economic Area (EEA). In order to accept payments once SCA is in effect, there will need to be an additional method of authentication in the checkout flow. If not, banks will be able to decline any payments that require SCA and don’t meet the necessary criteria. 

There are a few SCA exemptions, however, where certain scenarios may be out of scope of the SCA mandate:

  • Low-risk transactions
  • Payments below €30
  • Fixed-amount subscriptions
  • Merchant-initiated transactions
  • Trusted beneficiaries
  • Phone sales

For more information about SCA exemptions, as well as PSD2, our good friends at Stripe wrote an excellent piece that goes into much more detail. For now, we’re going to focus on how this might impact you.

So, what does this mean for you? 

If you’re collecting online payments through your Wufoo form, and you’re in the EEA or receiving payment from someone in the EEA, this may impact you. However, the onus for PSD2 compliance is ultimately on the payment service providers (PSP) themselves, so the only thing you’ll need to do is ensure that the PSP you’re using is compliant. Most PSPs that Wufoo integrates with are PSD2 compliant, and therefore you shouldn’t need to take any action. 

Wufoo has been working closely with the PSPs that we integrate with to ensure that the gateways are set up properly to comply to regulations. In order to abide by the SCA regulations, there will be a new prompt that’ll appear during the checkout flow, asking for additional verification. We’ve worked with our partners to ensure a seamless process that addresses all PSD2 requirements while reducing disruption to your payment processes. 


PSD2 is a new regulation that affects all business in the EEA, as well as anyone who is collecting payments from people residing in the EEA. PSD2 falls largely under the responsibility of PSPs, so as long as the provider you choose is compliant, there won’t be any disruption to your business. However, for any payments collected from or within the EEA, there will be an additional authentication step as part of the checkout process. 

If you have any questions about how PSD2 might impact how you use Wufoo, just reach out to our friendly support team and we’ll be happy to assist!


Add a Reply

You may use HTML for style.