PSD2 and Open Banking
As of September 14th, 2019, the new EU Payment Services Directive 2 (PSD2) has come into effect. The new guidelines aim to increase security and competition in digital payments and simplify cooperation between banks and services like Zuper.
What is PSD2?
PSD2, the second payment service directive, enables bank customers to use third-party services like Zuper to gain secure access to their banking data. The PSD2 aims to increase competition in banking, by allowing fintech start-ups like Zuper to develop tools and service for better money management, more overview and insights into bank accounts, and more innovation in banking.
How does the PSD2 affect you?
From now on, banks will require an extra layer of authentication when logging into your online banking or when initiating payments. This is called 2-factor authentication. You receive the second factor from your bank, depending on which method they support.
Generally speaking, you will now have to authenticate yourself using two factors from the following three categories:
Knowledge = Something that only you know, e.g., PIN or user ID
Possession = Something that only you own, e.g., Smartphone or TAN generator
Inherence = A biometric feature of you, e.g., Fingerprint or face recognition
It is up to the individual banks to decide how often they require re-authentication from their customers. Some banks might require re-authentication for each login, while others might only ask every once in a while. All banks, however, are required to re-authenticate customers at least once every 90 days.Unfortunately, we do not have any influence on this process.
Banks will also no longer support the iTAN (paper TAN) procedure.. Furthermore, some banks won't use the TAN method via SMS (mTAN) anymore. In addition, your account number must no longer match your username.
All of these changes may differ from bank to bank. Please get in touch with your bank to see if and how these changes affect you.
Why does my bank automatically send me new TANs? (And how can I switch it off?)
Zuper requests new account information from your bank multiple times a day. Depending on how often your bank requires re-authentication, these queries may trigger new TANs.
While some banks require re-authentication every time Zuper requests account updates, other banks only require them once every 90 days.
Automatic updates can be deactivated in the settings. Go to Settings, tap Manage Bank Accounts, select the affected account, tap Edit, Change PIN, and then uncheck the Store PIN checkbox.
Please note that disabling automatic updates restricts the following Zuper features
My accounts do not automatically refresh in Zuper. What can I do?
If your bank requires 2-factor authentication every time you log in, then, unfortunately, it is not possible to carry out automatic updates at this time.
Of course, you can update your accounts manually at any time. To do this, authenticate yourself with PIN and TAN for each query in the Zuper app.
This is how it works: Go to Settings in the Zuper app, select in the menu Manage bank accounts , select the affected account, tap on the Refresh button and enter your PIN.
If you do not see a Refresh button next to the affected account, tap on the account, tap on Edit, tap on Change your PIN, enter your usual PIN, and tap on Update bank details.