A lot has already been written and discussed about PSD2. But what does it mean for you? Take a look at what will become possible soon.
Easier payments, a better overview
PSD2 supports innovation and the development of new services that help you manage your money and your budget. Such services often require the use of payment data.
PSD2 therefore defines a framework for sharing your payment details with payment service providers easily, securely and always with your explicit consent.
As a result, paying for online purchases will soon be even easier and you will be able to access all your payment data, even from different banks, in one place and on one screen.
Current accounts from other banks in your trusted app
We are constantly working on new ways to make your life easier. Which is why you will soon be able to add accounts held with other banks to your ING banking app as well as share your ING current account payment details with other providers. And thanks to PSD2, you can be confident of the same level of security as you would expect from us.
Only with your consent
You decide which services you want to use and whether or not to share your payment details. The only way anything can change is if you give explicit and express permission. Otherwise it can't.
Things to keep in mind
Sharing details with other banks and providers of account aggregation and payment initiation services can be useful. Nevertheless, you should always ask yourself to whom you are entrusting your details and for what they are being used.
If you are planning to give another payment service provider access to your account details, read the terms and conditions carefully and find out how your data will be used.
You can often find this information in the company's privacy policy.
In addition, the new PSD2 regulations could lead to criminals sending phishing e-mails. So always stay alert.
FAQ
The new Payment Services Directive or PSD2 is a European regulation that aims to increase the security of online transactions to create more competition, allow the introduction of new non-bank providers of payment services and to foster innovation in the world of payments. Through PSD2, other businesses can gain access to your payment details. Banks are required to provide access but only if you want them to and have given express consent for it. Otherwise they can't.
To begin with, not very much. But there will eventually be new types of digital services and new payment methods in (online) shops, from start-ups but also from other companies (Providers of payment services). And from us, of course, because we are also busy developing new services for you. So that you can organise your finances more easily.
After your permission, we will share your transaction details and your balance.
Transaction details include:
- Your account number
- Your name
- Name of the beneficiary
- The beneficiary's account number
- Notification or payment reference
- Amount and date of the transaction
Before you give permission to a payment services provider, check properly that you really know the provider and whether it is logical for them to request this permission. For example, because you want to use one of the company's services for which they need these details.
Protecting your data is our priority and we will only share payment details with other providers of account aggregation and payment initiation services if you want us to, and only after you have given your consent to the provider beforehand. You will be able to revoke the consent at any time from the provider of payment services.
And if you do give permission, we will first check that the provider is registered with the National Bank of Belgium and not just once, but every time that company tries to obtain access to get information. We also check that the validity period for your permission to that provider has not yet expired. We share your payment data based on strong customer authentication, as is already the case, for example, when you make payments via our channels.
Companies may only use your data for the purpose for which you have given your consent.
First of all check the terms and conditions and the privacy statement of the providers you want to share your data with. So you know how they are going to handle your data.
The PSD2 provides new services that can make organising your finances easier. Nevertheless, giving access to your current account is something you need to be careful about. Before you give permission to a payment service provider, check properly that you really know the provider concerned and whether it is logical for them to request this permission. For example, because you want to use one of the provider's services for which they need the details.
When asked to make a payment, check that the amount and the description are correct.
Also, check the terms and conditions and the privacy statement of the company you want to share your data with beforehand. So you know how they are going to handle your data.
In addition, the new PSD2 regulation could lead criminals to send phishing e-mails. So stay alert.
The PSD2 allows other businesses (payment service providers) to access to your payment details. Banks are required to provide access but only if you want them to, based on your explicit consent given to them, otherwise they can't.
The payment service providers will be able to offer you 3 types of services:
- Account aggregation: you will be able to consult your payment transactions and the balance of your current account(s) held at different banks via one screen. (Account information service)
- You will be able to initiate payments with your accounts at different banks from the platform of another provider. (Payment initiation service)
- A provider of payment services could ask if there is enough money in your current account to carry out a card transaction. (Balance check)
ING, of course, will offer these types of services as well. So you can easily manage your finances and your budget.
Absolutely nothing. Because you only need to do something if you do want to give permission, your account details will therefore not be shared if you don't give permission.
Yes, you can. The decision to share your payment details always lies with you. You can therefore withdraw this consent again at any time, via the company to which you originally gave your consent.
Protecting your data is our priority, so we will only share details with other providers of payment services if you want us to, and only after you have given them your express permission beforehand.
And even if you do give permission, we will check whether that provider is registered at the National Bank of Belgium. Not just once, but every time that provider requests to obtain access to get information. We also check that the validity period for your permission to that provider has not yet expired.
We share your payment data based on strong customer authentication, as is already the case when for example you initiate payments via our channels.
If you are transferring money to someone who uses an account information service which you don’t, the account information service provider will still receive the transaction data with your name, account number, description and the amount transferred by you. Because banks are legally required to share the transaction details through PSD2.
But the account information service provider is not allowed to use your transaction details for other purposes, without your express consent.
We only share your data with other providers of payment services when you have given express permission for that. The provider must also be registered with the National Bank. Such providers only receive permission if they satisfy strict requirements to get a license.
Giving access to your current account is something you need to be careful about. Before you give permission to a company, check properly that you really know the provider concerned and if it is logical for them to request the permission. For example, because you want to use one of the company's services for which they need these details.
When asked to make a payment, check that the amount and the description are correct.
Also, check the terms and conditions and the privacy statement of the company you want to share your data with beforehand. So that you know how they are going to handle your data.
In addition, the new PSD2 regulations could lead criminals to send phishing e-mails. So stay alert.