DigiCert QuoVadis

Contact Us

For more information, please contact us at:
+32 (0) 15 79 46 15
info.be@quovadisglobal.com

Qualified TSP

Qualified TSP

PSD2 Certificates

Solutions for PSD2 compliance

 

The revised Payment Services Directive (PSD2) deadline is September 2019 and affects all Payment Service Providers (PSPs) and banks operating within the European Union. Learn the steps you need to take to ensure your business meets the new regulatory standards, using PSD2 QWAC and QSealC certificates.

Download our FAQ on PSD2 Certificates


What is PSD2?

PSD2 covers many facets of the electronic payments market, but notably introduces enhanced privacy and online security measures that must be implemented by all banks and Payment Service Providers.

In general terms, the directive aims to: 

  • Create a more integrated, reliable, efficient and secure European payments market
  • Level the playing field for all PSPs across the EU
  • Provide more consistent consumer protection.

What does PSD2 require?

Due to the sensitivity of financial services transactions, the European Banking Authority (EBA) issued revised PSD2 Regulatory Technical Standards (RTS) requiring the use of digital certificates issued by a Qualified Trust Service Provider (TSP) in accordance with eIDAS standards.  These certificates are known as “Qualified Certificates” and provide special status in certain legal and regulatory contexts across the EU.

DigiCert + QuoVadis is a Qualified TSP and member of PRETA’s Open Banking Europe directory initiative for PSD2.

What are the timelines for PSD2 compliance?

  • Phase 1: March 2019 - Banks and PSPs are required to provide a PSD2 Qualified test environment in which third-party vendors can identify themselves and access test accounts.
  • Phase 2: June 2019 - Companies must transition from test certificates to production PSD2 certificates and open their live system (with real customer accounts) for access by licensed, third-party vendors.
  • Deadline: September 2019 - All financial institutions operating within the EU are committed to full, live operation in accordance with the new regulatory standards.

Two options for PSD2 Qualified digital certificates

The PSD2 Regulatory Technical Standards (RTS) describe two options for Payment Service Providers to comply with the requirements:


Qualified Web Authentication Certificate
(QWAC) 


Qualified eSeal Certificate
(QSealC)

 QWAC certificates validate your identity and role as a Payment Service Provider to your customers and other business, while encrypting and authenticating sensitive data.

 QSealC certificates “seal” app data, sensitive documents and other communications to ensure they are tamperproof and originate from a trustworthy source.

 

Three steps to get ahead of PSD2 compliance—and avoid costly delays.

1. Avoid deadline-day disruptions with PSD2 test certificates

PSD2-compliant test certificates demonstrate that you are prepared to meet the PSD2 Regulatory Technical Standards (RTS). More practically, it ensures your infrastructure and operations are properly configured before the deadline arrives.

2. Order Qualified certificates for PSD2

QuoVadis Trustlink B.V. is a Qualified Trust Service Provider offering QWACs and QSealC certificates that meet the PSD2 certificate standard ETSI TS 119 495, including PSD2 roles validated with the appropriate National Competent Authority (NCA).  QuoVadis can issue PSD2 certificates to institutions in any country.  Our European teams can help ensure your business meets the new standards for authentication and communication security.

3. Schedule your face-to-face validation

With offices in the Netherlands, Belgium, Switzerland, Germany and the UK—as well as local teams throughout Europe—we’re positioned to make the Qualified validation process as painless as possible and help you avoid any delays.

Register for a PSD2 QWAC here

Register for a PSD2 QSealC here

 For more information, please contact psd2@quovadisglobal.com.