Merchants and customers are now transacting under PSD2 and GDPR in the European Union (EU) — regulations that allow a greater window into how customer data is being used. While these regulations are aimed at increasing consumer trust by allowing them more transparency, many consumers in the region are still adjusting.
In fact, many still have concerns over data breaches under PSD2, especially when it comes to their relationships with banks, now required to share previously siloed data with third parties. Just 53 percent of customers in the U.K. said they would give their mobile numbers to their banks, for instance, showing a lack of trust, and putting a damper on Open Banking services.
Concerns from consumers outside the EU on how data is handled are growing as well, though many continue to have concerns regarding fraud. In the February edition of the PSD2 Tracker™, a collaboration with Whitepages Pro, PYMNTS examines how PSD2 and GDPR are progressing in the EU, and how data regulations and consumer trust are affected around the globe.
Many countries within the EU are working fast to implement these regulations into their payment and banking ecosystems. Bulgaria, for example, is moving quickly to implement the GDPR regulation for data transparency, with the country’s parliament passing amendments in early 2019.
However, as stated, many still have qualms regarding Open Banking and data transparency when it comes to security and privacy, concerns that are still being debated in the Bulgarian government as GDPR progresses. These security concerns are also prompting many payment providers and merchants, such as Mastercard, to rethink their approaches to privacy. The card network has partnered with Open Banking service Konsentus to add an identity and regulatory checking service to its roster of Open Banking tools and technologies.
Meanwhile, security concerns have others in the EU on the lookout for companies and services that may not be fully compliant with these new regulations, potentially leading to more privacy concerns down the line. In fact, a French regulatory body, the Commission nationale de l'informatique et des libertés (CNIL), has fined Google the equivalent of $56 million for noncompliance with GDPR within the region, alleging that the information services company was using EU customer data for advertising purposes without obtaining clear consent from those customers.
For more on the security and privacy issues surrounding these regulations, visit the Tracker’s News & Trends section.
Since its official launch in January 2018, merchants and consumers in the EU have been slowly coming to terms with the effects of PSD2. However, customers are still wary of sharing too much data online, especially as questions grow over who has their data and how it’s being used.
For third-party providers, such as P2P lending and investment provider Zopa, PSD2’s data transparency rules provide an opportunity to “level the playing field” when it comes to gaining that consumer trust. This is according to Didier Baclin, chief innovation officer for the company, who spoke with PYMNTS on the ways PSD2 is changing the customer relationship in the U.K., and how third-party players are coping with it.
To learn more, take a look at the Tracker’s feature story.
While consumers and merchants in the EU are still growing accustomed to the lay of the PSD2 land, its impact on the region has not gone unnoticed by the rest of the world. Consumers, merchants and regulators alike are carefully scrutinizing PSD2 and GDPR regarding the ways they’re changing data and its use, and if similar regulations could possibly work in regions outside of Europe.
GDPR was officially signed into law in 2016. Since that point, regulators and companies in the U.S. have been examining the potential for a similar law, as American consumers grow increasingly concerned over the amount of data that’s been breached and collected over the past few years. In the Deep Dive, PYMNTS looks at how the spread of GDPR and PSD2 across Europe is affecting the perception of data and privacy in other countries, particularly the U.S.
Visit the Tracker’s Deep Dive to learn more.
About the Tracker