What PSD2 is and How It Affects Your SaaS Product

The European SaaS Industry is estimated to reach US$69.82 billion in 2024 with an annual growth rate (CAGR 2024-2028) of 8.03%. 

Why does this matter? 

Because growing markets need to be regulated to ensure consumer protection and long-term sustainability. 

As society, the SaaS industry, and, most importantly, technology progress, new regulations and laws must go into effect to protect consumers while ensuring balance and fairness in how business is performed.

The SaaS and software markets are increasingly competitive, which, theoretically, is a good thing. Practically, however, if that competition is unfair or unregulated, it can do more harm than good. 

That is why having compliance frameworks in place governing electronic payment services is necessary in order to have a healthy business environment.

But how difficult is it to comply with these regulations? And how can a Merchant of Record simplify the process? To fully understand these issues, read more about:

What is PSD2?
4 Ways PSD2 Impacts Your SaaS
Why is the Merchant of Record The Solution?
How Can PayPro Global Help? 

What is the Payment Service Directive (PSD2)?

In 2007, focused on creating a single simplified market for payments and improving efficiency while encouraging fair competition, the EU rolled out the so-called Payment Services Directive. 

However, after almost a decade and some rather impressive technological advancements, the European Union decided it was time for some key compliance changes, and along came the revised payment services directive.

This new set of EU regulations improved several areas of the original directive, described below:

Greater transparency: Payment service providers are required to offer details regarding currency conversion rates, transaction charges, and other additional fees in a more transparent manner. 

Strong Customer Authentication (SCA): PSD2 requires SCA implementation for electronic payments as part of the new security requirements. When making online payment transactions, multi-factor authentication requires shoppers to provide at least two of the three authentication factors.

3D Secure and 3D Secure 2: This is the most common authentication method for card payments and is supported by the majority of European cards. During the online payment process, to complete the transaction, the customer must authenticate with two of these three factors: something they have, something they know, and something they are.

Open API for Third-Party Access: PSD2 encourages open banking, allowing third-party service providers to access bank account details as long as they have customer consent, of course. 

Prompt Complaint Resolution: In the PSD2 context, PSPs and TPPs are required to establish clear and efficient complaint resolution procedures. These need to be adequately communicated to customers so that issues are promptly and effectively addressed. 


4 Ways PSD2 Impacts Your SaaS

We know what you are going to say. 

PSD2 is a set of regulations that only payment providers (PSPs), financial institutions, and banks have a legal obligation to comply with. 

Know that merchants who are not proactive in applying the PSD2 provisions, specifically the SCA regulations, are probably going to experience a world of trouble. 

How come? Glad you asked. We’d love to tell you!


SCA Complications 

Yes, PSPs are more obligated than others to enforce SCA technology, but that is not to say that SaaS businesses do not have their own share of responsibilities in the matter. 

Sadly, the 3DS 1.0 framework (introduced in 2000) had a long history of adding a great deal of friction at the checkout, leading to low authorization rates due to very bad user experience and implementation. 

In the PSD2 context, as it became mandatory for customers in the EU, the 3DS 2.0 technology arrived to address this issue. While being much more user-friendly, more dynamic, and richer in information than 3DS 1.0, it still has its share of complexities.

Ultimately, the industry has been experiencing not only frustration from shoppers but increasing payment failure rates, leaving both merchants and customers unhappy with the whole process. 

Not only is this a real problem in terms of SaaS business revenue, but it also affects customer trust. 

Declining valid transactions is widely regarded as a valid reason for shoppers not to return to your online business, especially if they can complete their transaction elsewhere without any hurdles. 

Increased Compliance Costs 

Adhering to PSD2 and other compliance frameworks takes a financial toll. 

SaaS companies must invest heavily in beefing up customer authentication and data security.

Plus, let’s not forget the expenses they must endure when it comes to compliance audits, enhancing data protection, and improving fraud prevention systems.

Keeping your documentation in order, as well as handling different reporting processes to demonstrate and maintain compliance, probably requires further investments in both software and administrative resources.

Furthermore, establishing a specialized department to track and implement regulatory changes is an additional cost that can be significant.

Customer Experience 

PSD2 places SaaS businesses in a rather complicated position. 

On the one hand, they need to follow the increased security guidelines established by PSD2, and by doing so, they are prone to creating a lot more friction in the payment flow. 

On the other hand, they are well aware that while shoppers value data security and SCA protocols are a good step in this direction, they also expect to have a frictionless payment experience and a smooth delivery of service. 

The result? 

A falling conversion rate and increased cart abandonment. 

And worse yet, the combination of these two factors can only lead to one thing: business disaster. 

Financial and Legal Consequences

Failing to comply with PSD2 regulations can have a number of legal and financial complications. It’s not only important, but your responsibility to be well aware of them and take all the necessary measures to avoid them.

Not being able to adhere to compliance regulations adequately will lead to significant fines, which vary depending on the severity of the violation. Operational disruptions can occur if restrictions are imposed, which will obviously lead to revenue losses.

Worse yet, things can escalate, and businesses may face legal action from either regulatory bodies or individuals affected by security breaches or fraudulent activities as a result of non-compliance.

We’ve mentioned this before, and with good reason: A faulty SCA implementation can lead to the loss of customer trust and brand reputation, which, as you can imagine, means significant revenue leakage. 

Why is the Merchant of Record The Solution?

As a SaaS developer gaining traction, you’re most likely eyeing the next growth milestone. And that’s exactly what you should be doing. 

Instead, you need to figure out how to juggle administrative workload effectively and comply with the PSD2 regulations in a way that does not destabilize your operations. 

Luckily, there is a way you can offload the mechanics behind online sales, and it’s called the Merchant of Record. 

The Benefits of Using a Merchant of Record

So, let’s see how exactly a trusted Merchant of Record partner can simplify PSD2 compliance. 

Reduced complexity and costs

By joining forces with a reputable and fully compliant Merchant of Record, you can put aside the complexities of adhering to PSD2 standards and trust an experienced and knowledgeable partner to handle them. This means you’re able to free up internal resources and put them to work on other core business activities.

Improved customer experience 

Given the level of experience and expertise, coupled with its innovative technology, the Merchant of Record manages the authentication and authorization process of payments. Carefully implemented, it can reduce friction for customers and actually increase conversion rates.

Ongoing compliance management 

With an in-house team of experts, your Merchant of Record adheres to the latest PSD2 regulations and promptly implements any updates or changes. Having this level of support is necessary to maintain your business on a fast track to success and quickly tap into growth opportunities. 

Improved fraud protection mechanisms

Supporting SaaS businesses on the road to global expansion, Merchants of Record have innovative risk management, security measures, and fraud prevention mechanisms in place that can face different cyber threats. 

At PayPro Global, for instance, we employ a comprehensive fraud protection plan that revolves around the specifics of your business. By doing so, we are fully complying with PSD2 regulatory technical standards concerning fraud protection. 


How Can PayPro Global Help?

As a respected company in the payments industry for over 15 years, PayPro Global’s unique Merchant of Record solution helps SaaS, software, and video game developers scale their businesses anywhere in the world. 

Our Merchant of Record offers end-to-end compliance management, taking operational frustration off your list of responsibilities and allowing you to focus on what matters most: your product.

Offering an effective SCA implementation that ensures a frictionless purchase path and avoids revenue losses due to 3DS downturns, PayPro Global’s MOR ensures that all your operations run smoothly. 

Through multi-level internal systems that merge advanced fraud monitoring tools, automated alerting systems, and machine learning algorithms with regular audits and manual verifications, PayPro Global can proactively detect and rapidly address any anomalies or performance barriers.

As a PCI-DSS Level One Certified partner, we ensure the highest payment security standards are upheld. 

Find out more about our all-inclusive payment infrastructure and how you can gain access to a platform that can strategically scale your business in global markets.

Final Thoughts

Payment failures, loss of customer trust, and hindered user experience are all real death sentences for SaaS businesses. When these grim prospects are connected to the PSD2 legislation, the anxiety around this topic is understandable.

However, the real culprit isn’t the directive but the manner in which it is managed and implemented. 

So don’t be quick to point your finger at third-party providers as the bad guys in the payments market.  

PSD2 is, in fact, beneficial for businesses. It regulates the industry, ensures a healthy level of fair competition, protects consumers, and keeps entrepreneurs from losing online puto fraudsters. 

So actually, being PSD2 compliant is not only mandatory but a strategic step to growth. 

Especially if you choose to partner with a Merchant of Record.

Because in that case, the route to compliance is significantly simplified.


Frequently Asked Questions

What is PSD2, and why is it important for the SaaS industry?

PSD2 is the revised Payment Services Directive introduced by the European Union to regulate electronic payment services. It's an essential framework for the SaaS and software industry, aiming to boost security and improve transparency standards. Also, PSD2 has a significant impact on both payment processes with the goal of enhancing customer trust.

Who is obligated to comply with PSD2 regulations?

PSD2, specifically Strong Customer Authentication (SCA) provisions, is a directive that payment providers (PSPs), financial institutions, banks, and businesses must comply with.

How does PSD2 compliance impact SaaS companies?

Although SaaS businesses might not feel they are directly impacted by PSD2, the truth is they are. The increasing level of complexity, compliance costs, and potentially affected customer experience that follow the imposed security measures and friction in the payment flow constitute indirect consequences of PSD2.

What are the financial and legal consequences of non-compliance with PSD2?

Non-compliance with PSD2 can lead to fines, operational disruptions, legal actions, revenue losses, and damage to customer trust and brand reputation. It can also possibly lead to your merchant account being closed by the payment processor if you don't comply.

How can a Merchant of Record simplify PSD2 compliance for SaaS companies?

A Merchant of Record can significantly simplify PSD2 compliance by minimizing complexity and costs, offering payment expertise, improving customer experience, and implementing robust fraud protection mechanisms.


Meir Amzallag

Co-founder and CEO of PayPro Global

Ioana Grigorescu

Content Marketing Manager at PayPro Global
