PSD2

¿What is it?

PSD2 is the new European Payment Services Directive amending the clauses of contracts in relation to remote banking services, debit and credit cards and current and savings accounts.

The new European Payment Services Directive (PSD2) was transposed into Spanish law under Royal Decree Law 19/2018.

Its main objective is to increase the protection of the users of payment services, thus guaranteeing the security of transactions performed using new digital media, cards, the Internet and mobile phones, offering access to a growing range of innovative payment services across Europe.

What changes and benefits does it provide?

Greater security and information

• Your liability for losses resulting from unauthorised payment transactions is 50 euros when as a result of the theft or misappropriation of your cards or other payment means, provided that you have satisfied your obligations when it comes to safeguarding your payment means and passwords. Under the previous regulations, the limit was 150 euros.
• It speeds up the terms for resolving claims, from 2 months to 15 working days.
• It enhances authentication security requirements, with a view to preventing identity theft and password theft.
   

New account information and payment initiation services

These services may be provided by the bank or other registered payment service providers who are authorised and supervised by the Bank of Spain.

• Account information services: they provide the user of the payment service with aggregated information on one or more payment accounts held with their payment service providers, providing comprehensive information about their financial situation immediately. It requires prior consent from the customer, who chooses the accounts they would like to add and may revoke this consent at any time.
• Payment initiation services: allowing intermediaries to guarantee the payment made by the consumer to the trader as an alternative to card payments. The customer's prior consent is essential.
   

Banca March may deny these suppliers access to your payment account for justified reasons and to prevent unauthorised access and fraud. For security reasons, we will get in contact with you should this occur and we require your confirmation.

Execution of payment orders

Payments made in euros will be made, at the latest, the day following receipt of the payment order.

Any changes that are beneficial to you shall be applied immediately. If you do not agree with amendments to contracts, you are entitled to terminate them free of charge. Otherwise, it shall be understood that you accept them. You can request the most recent conditions applicable to your payment services at your branch.

SCA: what it is and how it affects you

On 14 September 2019, the European Payment Services Directive (PSD2) came into force requiring strong customer authentication for electronic payment transactions, with a view to reducing identity theft and password theft. This is known as SCA, or strong customer authentication.

From November 2020 onwards, for payment transactions where Banca March needs to verify your identity, two or more authentication factors will be used from the following characteristics:

• Knowledge: or something you know, like your PIN number or password.
• Possession: or something you possess, like a card, mobile phone, or digital certificate, etc.
• An inherent factor: such as a fingerprint, iris scan or facial recognition.

How will it affect you? 

When making an electronic payment, in addition to introducing your card details, expiry date or CVV (card verification value), you will be asked to validate the transaction from a secure environment operated by the Bank. 

First, log in to your Banca March app or online banking service using your passwords (1st authentication).

Then validate the transaction by entering the security key you will be sent by SMS on your mobile (2nd authentication).

If you don't yet have the App or use Remote Banking, when you shop online you will receive a validation SMS asking you to enter the result of a mathematical operation using two digits of your card PIN.

For recurring purchases or for purchases involving low sums, this two-step validation will not be necessary.

What do I have to do?

It is important that you register your mobile phone number with Banca March, and activate the option to receive notifications, as this will be necessary for transactions that require strong authentication.

If you have already registered, you can update your details at any time via the Profile and Settings section of your online banking, under the Mobile section.

If you are yet to register or do not yet use the bank's online banking service, contact your usual manager or branch as soon as possible.

If you have any queries, you can contact us at (+34) 971 779 111 or your usual manager or branch.

Technical information

PSD2 test environment 

At the following links, you'll find all the necessary information to connect to our API in the Sandbox test environment. This service is aimed at companies and professionals interested in acting as TPP (Third Party Payment Service Providers) and establishing a relationship of trust with Banca March and its customers.

Although the platform is monitored 24/7, TPPs can use a variety of channels for reporting incidents or raising queries:

• For queries relating to Sandbox and the test installation: psd2.sandbox.soporte@redsys.es
• For queries relating to the production installation: psd2.hub.soporte@redsys.es
• To resolve any queries or incidents that occur during the technical configuration process, you can also make contact using the following telephone number, which is available 24 hours a day: 91 728 23 21