Position paper on the issue of access to the payment account



Similar documents
A Dual Consent Approach for x-payments

Legal aspects e-mandates

1. Definitions The following definitions are, both in the singular and in the plural, used in these terms and conditions payment methods Buckaroo:

EACT COMMENTS ON THE COMMISSION PROPOSAL FOR PAYMENT SERVICES DIRECTIVE II

Form Payments statistics (formerly form-9006)

Securing Internet Payments. The current regulatory state of play

AML / CFT Anti-money laundering and countering financing of terrorism

THE BANK ACCOUNT AT THE HEART OF THE DIGITAL EXPERIENCE. MyBank for Service Providers

Oversight of payment and settlement systems 2014

DECISION PROMULGATING THE PAYMENT SYSTEM ACT

FinTech Focus: New European Directive on Payment Services (PSD2) Comes into Force

Please ensure that the full date is entered (including the month and year e.g. 14 th December 2010.) Page 2 paragraph 7.1 Please insert the date

Code of Conduct for Mobile Money Providers

COLUMBIA CREDIT UNION ELECTRONIC FUNDS TRANSFERS AGREEMENT AND DISCLOSURE Business Accounts

DEBIT MASTERCARD AGREEMENT Revision

The Czech National Bank s opinion

LAW ON PAYMENT SERVICES

New Regime for the Regulation of Payment Services in Europe

Definitions: Use of the Card

Interim Policy Statement 161 Registered insurance brokers and their representatives

Our global technology. Your advantage. Telegraphic Transfers. Product Disclosure Statement Issued 2 June 2008

Old Dominion National Bank Consumer ebanking Access Agreement and Electronic Fund Transfer Act Disclosure

EBank Debit Card Terms and Conditions

General Conditions. The only legally binding General Terms and Conditions are those in the Dutch version.

Towards basic electronic payments A roadmap for competitive and inclusive payment systems in Europe

Payments Statistics Return (PSA)

General terms and conditions of the VVV

PocketSuite Terms of Service. Last modified: November 2015

Financial Services Authority. Guide to Client Money for General Insurance Intermediaries

Merchant Account Contract for Card Acceptance

Open Source Software used in the product

Belgium in international tax planning

1.2 Business Day means any day other than a Saturday, a Sunday or a public or bank holiday in England and Wales.

Credit Card Processing Overview

Position Paper e-payments

Request for Proposals

SPECIFIC TERMS APPLICABLE TO YOUR HIGH YIELD CHECKING ACCOUNT

Terms and Conditions Corporate Customers. Industrial and Commercial Bank of China (Europe) S.A. Amsterdam Branch

Instant retail payments for Europe: a Blueprint

Mid Carolina CU Internet Online Banking Services Terms and Conditions

NATIONAL PAYMENT SYSTEM ACT

Credit Card Transactions

UIBL TOBA. United Insurance Brokers Ltd. Terms of Business Agreement

Words importing only the singular shall include the plural and vice versa.

bi on Solution white paper

BERMUDA MONETARY AUTHORITY

PAYMENT SERVICES AND SYSTEMS ACT (ZPlaSS) CHAPTER 1 GENERAL PROVISIONS SUBCHAPTER 1 CONTENT OF THE ACT. Article 1. (scope)

Actorcard Prepaid Visa Card Terms & Conditions

Regulations on bank accounts for individual customers at BNP Paribas Bank Polska SA

Rothschild Visa Card Terms and Conditions

Apple Pay. Frequently Asked Questions UK

PSD2 Regulating a New Payments World Patterns of Expertise The quest for a

Swedbank, AB payment services provision conditions

3.6. Please also note, unless your policy confirms otherwise, the rights under your policy may only be pursued in an English court.

The FSA s role under the Payment Services Regulations 2009

EBF Position on ECB Recommendations for Payment Account Access Services

Delegations will find hereby a Presidency compromise text on the above Commission proposal, as a result of the 17 October Working Party meeting.

Act LXXXV of on the Pursuit of the Business of Payment Services

Banking & Finance - Bulletin 60 December 2008

Operational Guidelines for Credit Card Business in Pakistan

ECB-RESTRICTED. Card payments in Europe a renewed focus on SEPA for cards

NZD GBP Telegraphic Transfers (New Zealand)

CHAPTER VI CASH SETTLEMENT, DELIVERY AND EXCHANGE OF FUTURES. Cash Settled Contracts and Physical Delivery Contracts

Financial Conduct Authority. The FCA s role under the Payment Services Regulations 2009 Our approach

Dennemeyer & Associates Terms and Conditions for Trademark Clearinghouse Services

WEBKINCSTAR ONLINE SECURITIES TRADING - TERMS AND CONDITIONS OF USE

Let s go international!

Review of the European Union s proposal for a new directive on payment services ( PSD2 )

Catch all the digital moments

credit card Conditions of Use

Verified by Visa Terms of Service Credit Card Accounts

David Jones Storecard and David Jones American Express Card Member Agreement, Financial Services Guide and Purchase Protection. Terms and Conditions

THE USE OF BANK DATA FOR IDENTITY VERIFICATION. White Paper

The name of the Contract Signer (as hereinafter defined) duly authorized by the Applicant to bind the Applicant to this Agreement is.

Website terms and conditions: services to consumers, payment online. Trading terms and conditions of Raise A Tree Ltd.

Visa business cards agreement

Payments Relating to Online Shopping

Electronic Funds Transfer Agreement and Disclosures

Payments Package: Technical concerns

Internet Authentication Procedure Guide

Terms and Conditions of Mobile mtransfer Service

ComSign Ltd. TM. Security Certificate Approval Regulations For SSL Websites (CPS)

LAW ON PLEDGE OF MOVABLE ASSETS REGISTERED IN THE PLEDGE REGISTRY I. GENERAL PROVISIONS

Eesti Pank policy for the operation and oversight of payment systems and for facilitating the payment market

Article 4. Customer s commitments

Transcription:

Position paper on the issue of access to the payment account April 2013

Position paper on the issue of access to the payment account Consumentenbond Currence De Nederlandsche Bank Nederlandse Vereniging van Banken Thuiswinkel.org De Nederlandsche Bank April 2013

Table of contents 1 Introduction 3 2 Payment account access 4 2.1 Domains of payment 4 2.2 Dual consent approach 4 2.3 A new secured channel 5 2.4 Legal framework for the additional service 5 2.5 Extent of access 6 2.6 Clear contractual relationships 6 3 Concluding 7 2

1. Introduction In the past years e-commerce has grown at a rapid rate. Payment methods suited for online environments have not everywhere been fully developed. One of the well-known exceptions is payments based on online banking. In the world of new payments, more and more ways of payment services suited for each situation will arise. By opening up the payment account to new parties, albeit to a certain extent for specific transaction use cases, this could support innovation and eventually lead to even more efficient means of payment. However, this should only be set up with 1) sufficient control measures, to safeguard the level of security and hence trust in online transactions, and 2) a legal framework for access to the payment account. With regard to the security aspects, the European Forum on the Security of Retail Payments has published a set of recommendations for payment account access for public consultation in January. By applying commonly agreed recommendations in Europe, security of current payment services can be safeguarded, while innovation by third parties offering new payment related services are made possible. When it comes to the legal framework, new parties offering services by accessing the payment account, should be addressed in contracts between the account servicing PSP and the third party, and between the account owner and the third party. The obligation for the dual consent could be added to the Payment Services Directive. Given the prospective innovations by providing access to the payment account, the Netherlands, being Thuiswinkel.org (web merchants association), Nederlandse Vereniging van Banken (Dutch Banking Association), Consumentenbond (Consumer union), Currence and De Nederlandsche Bank, proposes to regulate the payment account access services within the PSD, based on the dual consent approach. This paper elaborates on the background of this approach in the context of these new payment services. 3

2. Payment account access 2.1 Domains of payment In the context of retail payments there is (1) a domain where the funds are transferred from one payment account to another payment account and (2) a domain where the payer and payee agree on the payment and where the payment instruction is generated. The first domain is the domain of the account servicers, including the clearing and settlement systems. These account servicers maintain among others the payment accounts on behalf of the account owners (payers and payees). These account servicers are regulated to protect the funds of the customers as account owners. The level of regulation depends on the risks; credit institution, electronic money institution or payment institution. The second domain is the domain where parties offer services to payers and payees to assist in the transaction. In this domain the payment instruction is generated. This domain is where currently most of the innovations take place. 2.2 Dual consent approach An account owner should be able to choose whatever he or she wants to do with the funds on the payment account. The account servicer should service that and at the same time take care that the funds on the account are safe and secure. New, third parties offer payment services through accessing the account. These parties do not maintain payment accounts themselves but merely assist in the initiation of payment transactions and provide payment confirmation to payees. In this case, both the account owner and the account servicer should consent to this payment account access. Only then the account servicer is able to comply with its obligations to safeguard the funds and the customer is still free to choose what to do with the funds. This is what is called the dual consent approach 1, where the customer as the account owner and the bank as the account servicer should both consent to the transaction, respectively owner consent and servicer consent. 1 A dual consent approach for payments. R.J. Berndsen and D. van Oudheusden, Journal of Financial Market Infrastructures Volume 1/Number 2, Winter 2012/13 (45 61) (also available on the website of DNB) 4

2.3 A new secured channel Currently an account owner has multiple channels to execute a payment from its payment account, e.g. a card transaction, direct debit, credit transfer via e-banking. All these channels are serviced by the account servicer. The third party access would be another service channel added to the payment process. Account servicers need to protect the funds entrusted to them and must have security measures in place to achieve this. The account servicers provide their customers with special instruments and procedures to increase the security and minimize the risks. Specific security measures should be applied to the new channel of access to the payment account. There should be a secure connection between the third party and the account servicer, and be contractually agreed upon in advance. In this contract it will be made clear to which extent access is allowed. The secure connection ensures that the account servicer recognises the third party as being the third party, and not the account holder itself. 2.4 Legal framework for the additional service To be able to regulate these new internet payment services a new service will need to be defined under the PSD. This service can be addressed as payment account access service and is defined as follows: A payment account access service is an internet payment service offered by a third party a third party not being either a payer nor a payee, nor the account servicer to a payer for accessing a payment account of this payer, not serviced by this third party, to assist in the initiation of a payment transaction to a payee. The third party acts as an intermediary with consent of both the account holder, being the payer, and account servicer. Intermediary is defined here as a third party who on a case by case basis obtains indirect pre-instructed online access to the account holders payment account. The definition states the service that is offered by the third party service provider. The third party needs a licence to offer this service. This definition excludes services, like operating systems, web browsers, data communication lines. These basic tools do not add value to the actual payment transaction, which is why they are excluded in this definition. 5

2.5 Extent of access The extent of access that may be granted by an account owner and account servicer ( dual consent ) may include one or more of the following: Verification: [meaning that the buyer has sufficient credit with a chosen account servicer to be able to pay for the purchase]; Reservation: [meaning that within the payer s account the amount needed to pay for the purchase has been blocked]; Final settlement: [meaning that payment from the payer s account to payee s account is settled]. These multiple levels are only allowed to be executed on the basis of a consent from both account owner and servicer. The request for access should be explicitly asked to the customer, to be in any case aware of having a third party accessing the account and for which purpose. In applying for a license to operate as a payment account access service, matters of capital requirements, security requirements, etc. should be adapted to the specific level of access that will be used. 2.6 Clear contractual relationships Contractual agreements between all parties involved (third party, account holder, account servicer) are essential. Access to the payment account by a third party implies a technical connection between the third party and the account servicer. To deliver trust to customers on accessing the account, it is necessary to have contractual agreements, based on the principle of contractual freedom, on liability, security, availability of the service, non-repudiation and commercial conditions between the account servicer and third party. Conditions on liability should be agreed upon, to clearly define who and which party is liable in case of fraud or any other dispute between customer, account servicer and/or third party. Next to that, it should be agreed which way the third party will technically access the account. This includes security measures to safely establish a connection between all parties involved. The minimum set of requirements for the security level offered by third parties offering payment account access services should be equivalent to the security level of regular internet banking. Additionally, the payment account holder also needs to contractually agree on access to its payment account with its respective account servicer and third party. 6

3. Concluding There is a demand for new online payment services from both consumer and merchant perspectives. Services which will contribute to the integration of the European payment market and contribute to a competitive and mature pan- European online payment market. To ensure trust in the environment of online payments, there will need to be 1) a minimum level of security requirements to safeguard funds in the account, and 2) a legal framework, to arrange the liability and technical aspects between the new third parties and both account servicers as well as account owners (dual consent). With the newly added access channel to the payment account, the market could develop new services that will better service the customer and merchant. Differentiation in services by third parties is possible depending on the extent of access (verification, reservation, settlement). By putting payment account access as a service under the PSD, it extends the safeguarding of funds of the account owners. It will also contribute to both innovation in payment services and trust in these services and payment as a whole. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information