Page 18 - Linkline_magazine_Spring_2018_digital_Neat
P. 18
cross-border electronic transactions (DGConnect, 2017). The acronyms in this legislation so there are two that we need to
regulation on electronic identification and trust services for know; the:
electronic transactions (EUeIDAS, 2014) is a milestone to a) Payment Initiation Service Providers (PISPs) (think Amazon)
provide a predictable regulatory environment to enable to “play a part in e-commerce payments by establishing a
secure and seamless electronic interactions between software bridge between the website of the merchant and
businesses, citizens and public authorities. It ensures that the online banking platform of the payer’s account servicing
people and businesses can use their own national electronic payment in order to initiate internet payments on the basis
identification schemes (eIDs) to access public services where of a credit transfer,”
eIDs are available. It also creates a European internal market
for electronic Trust Services (eTS) – namely electronic b) This enables a provider to;
signatures, electronic seals, time stamp, electronic delivery 1. Initiate post-verification online payments on behalf of a
service, and website authentication. Under the eIDAS customer between a merchant’s website and the
BLOCKCHAIN
regulation these services will work across borders and have customer’s bank,
the same legal status as traditional paper-based processes. 2. Dilute the reliance on credit/debit cards for online
payments,
The flexibility given by this regulation facilitates the 3. Pay the funds to cover the purchase of goods to the
development of new businesses where blockchain could merchant in real time.
intervene as it does not require the organisation to identify
individuals and entities in a public context but can be done c) Account Information Service Providers (AISPs) (think
through the private sector accompanied by the Money Supermarket and Mint) to “provide the payment
acknowledgement of the public one. service user with aggregated online information on one or
more payment accounts held with one or more other
Also, eIDAS allows the interoperability and cross-border payment service providers” and to provide overall access and
authentication in the public sector. Furthermore, it provides visibility into a customer’s account position and financial
the ability to identify a person through biometrics and allows situation.
us to verify only single claims such as power of attorney,
address, age or professional qualifications. It is worth The regulator is pushing for banks to make some of their data
highlighting that there is a positive attitude towards public through Application Programmable Interfaces (APIs)
electronic signatures in the cloud and therefore probably in the benefit of better competition in the market. On the
desirable not to depend on a centralised server but rather on other hand, the introduction of AISPs allows a customer to
a distributed system where information is not stored in a authenticate once in each financial institution they bank
single server. with, then log into their AISP portal for a single customer
view of all of account balances and transactions. With AISP,
consolidated account information is provided to a customer
on payment accounts from several financial institutions.
Whilst providing access to accounts in this manner is a
worthy innovation, it also potentially exposes AISPs as a
single point of attack for access to multiple accounts.
According to Jorge Lesmes in the Everis UK RegTech Report,
“PSD2 is a strong candidate to combine new technologies to
provide a valid solution to customers. Subject to consent,
banks could open access to their customer data and payment
capabilities using a secure, thoroughly documented
federated, shared protocol.” (Lesmes, 2017).
Blockchain could be the key to control the access to data.
Payment Services Directive 2 (PSD2) Thus, access to customer accounts enables the provision of
The first Payment Services Directive (PSD1) was established entirely new types of services will now be regulated under
to apply the same set of rules on payments across the whole PSD2 and could realistically be implemented with blockchain
European Economic Area (European Union, Iceland, Norway technology.
and Liechtenstein). This helps consumers to make cross-
border payments easily and safely. The legislation introduced General Legislation Governing Supply
the concept of a Payment Institution (such as PayPal and Chain Logistics
WorldPay) and also enabled the Single Euro Payment Area The EU regulation sets out many specific due diligence and
(EUPSD1, 2007). disclosure obligations that can be considered in a logistics
context for importers and exporters, including:
PSD2 comes into force in 2018 and aims to improve the 1. Comply with the OECD Due Diligence Guidance or
existing PSD1 rules, to regulate new forms of payment another diligence scheme.
institutions, to introduce new interaction models and to 2. Incorporate their policies into their contracts and
mandate the opening of banks’ information to third parties, agreements.
which will have significant implications on supply chain 3. Include a grievance mechanism for customers to report
financial operations. PSD2 (EUPSD2, 2015) introduced lots of concerns.
18 The Chartered Institute of Logistics & Transport
