Opening up the online payments market, so as to reduce fees and fraud risks
Updating EU rules on payment services will cut the cost of paying bills, by enabling new market players to use mobile and online tools to make payments on a client’s behalf, said MEPs voting a law to this end on Thursday. These rules, informally agreed by MEPs and ministers last May, also aim to make online payments safer, by laying down data protection and liability rules for all online payment service providers.
"The EU payment services market remains fragmented and expensive, costing €130 billion, or over 1% of EU GDP, a year. The EU economy cannot afford these costs, if it wants to be globally competitive”, said lead MEP Antonio Tajani (EPP, IT), adding that "The new regulatory framework will reduce costs, improve the security of payments and facilitate the emergence of new players and innovative new mobile and internet payment methods".
The draft law was approved by 578 votes to 29, with 52 abstentions.
Use third-party providers to cut payment costs
A payer using an online account will have the right to use payment software, devices and applications provided by an authorised third party and to have payments executed on his or her behalf by this provider.
For example, payers who have no credit or debit card will be able to authorise new market entrants such as SOFORT in Germany, Trustly in Scandinavian countries or IDEAL in the Netherlands to use their bank details to make payments from their accounts.
Payment service providers’ charges should not exceed their direct costs. Additional charges for using payment instruments, such as credit and debit cards, for which banks’ “interchange” processing fees are already regulated, will be prohibited.
Making payments safe
A bank servicing a payer’s account could deny a third party service provider access to it only for objectively justified and substantiated security reasons which have been reported to the supervisory authorities. This safeguard should preclude any possibility of banks “blocking” the market for new payment services.
Third-party payment service suppliers, for their part, would be required to ensure safe authentication of the user and reduce the risk of fraud. They would have to ensure that a user's personal payment data transit through the safe channels and that they are shared only with the user’s consent.
In the event of an unauthorised payment being made from his or her account, the holder should not lose more than €50 if the payment instrument was lost, stolen or misused. A service provider that fails to act to prevent such a fraud after a notification of a loss, or does not require strong customer authentication when necessary, could be deemed liable for its client’s losses and ordered to remedy the financial damage.
The law now needs to be officially endorsed by EU member states before it can enter into force.