We Specialize in
PSD2

PSD2 is European legislation governing payment handling principles and has been adopted in EEA countries. It primarily focuses on establishing a new authorization regime for payment institutions, ensuring transparency in information provided to customers, and defining the rights and obligations of payment service providers and users.

PSD2 relates to the payments legislation in Europe, which introduced new payment handling principles and was transposed into law within each EEA country.

The Payment Service Directive currently only applies to payments in EEA currencies between accounts located within the EEA. The directive essentially deals with the following three issues:

  • Establishes a new authorization regime for payment institutions
  • Establishes transparency requirements to ensure that payment service providers give the required information to their customers relating to payments
  • Sets out the rights and obligations of payment service providers and users, laying down rules on the movement of funds from the origin of payment through its execution, including dealing with disputes between users and providers.

PSD2 controls relate to the following areas:

  • Governance: Operational and security risk management framework
  • Risk management and control models
  • Outsourcing (Third Party Services)
  • Risk assessments: Identification of functions, processes and assets
  • Classification of functions, processes and assets
  • Protection: Preventive security measures against identified operational and security risks
  • Data and systems integrity and confidentiality
  • Physical Access
  • Access Control
  • Detection: Continuous monitoring and detection of operations
  • Monitoring and reporting of operational or security incidents
  • Business continuity
  • Scenario-based business continuity planning
  • Testing of business continuity plans
  • Crisis communication
  • Testing of security measures
  • Situational awareness and continuous learning: Threat landscape and situational awareness
  • Training and security awareness programs
  • Payment service user relationship management: Payment service user awareness on security risks and risk-mitigating actions

Kyte reviews its clients' IT-related controls, whether in place or planned, to assess whether they adhere to the PSD2 regulations. Kyte also provides entities with assurance that controls are in place to ensure Strong Authentication as required by PSD2.


FAQs

What changes does PSD2 introduce that may impact you?

  • Expand the payments covered by the Directive, to include:
    • Intra-EEA Payments (payments made between PSPs located in the EEA) in any currency, not just EEA currencies; and
    • One Leg Out (OLO) transactions from or into the EEA in any currency (where one of the PSPs is located inside the EEA and the other PSP is located outside the EEA)
  • Enhance customer protection and security for online payment services by defining strong customer authentication (SCA) requirements and technical standards (defined in the Regulatory Technical Standards or RTS) for third party access.
  • Add new types of payment services into scope by creating new third-party access rules enabling non-bank organizations to provide payment initiation and account information services (known as XS2A or Access to Accounts).

When did PSD2 come into effect?

European Economic Area (EEA) countries were required to implement and transpose PSD2 requirements into local law by no later than January 13, 2018.

Which countries are in the EEA?

PSD2 applies to all EEA countries. The country scope of the Directive is based on the country location of the servicing PSP. The current list of EEA countries is: Austria; Belgium; Bulgaria; Croatia; Cyprus; Czech Republic; Denmark; Estonia; Finland; France; Germany; Greece; Hungary; Iceland; Italy; Latvia; Liechtenstein; Lithuania; Luxembourg; Malta; Norway; Poland; Portugal; Republic of Ireland; Romania; Slovakia; Slovenia; Spain; Sweden; Netherlands and United Kingdom.

Raising standards since 2006.

Kyte Global, with clients in over 65 countries, has established itself as a unique company providing a one-stop shop for all your information security and compliance requirements.

At Kyte Global we attempt to add value in everything we do. Our services have evolved as a result of the growing needs of our clients. Regulations keep getting stricter, compliance requirements keep getting more onerous, and clients find themselves spending more time addressing these issues rather than focusing on their business. At the same time, resources with the right knowledge and experience are hard to come by. Kyte Global tries to tackle these issues by providing a one-stop shop for all of the client's needs. Kyte Global understands that compliance is an effective way of ensuring that controls are implemented.

Internally, Kyte Global is organised in teams, each dedicated to a specific service, usually revolving around a specific standard or regulation. Some of these are PCI DSS, ISO 27001, GDPR, Internal Audit, AML, Gaming, Penetration Testing and Training, to name a few. Each team is made up of trained professionals, all experts in their own field.

Over the years, Kyte Global has established partnerships with suppliers that develop and implement industry leading solutions so that it can make recommendations to clients who require such services or products. Kyte is proud to have a network of partners that can assist its clients, big or small, in virtually all of the industries it operates in.
