Holvi Blog for Makers and Doers

New EU directive aims to reduce the risk of account misuse, says lawyer

Entrepreneurship, How to use Holvi · 09/10/19 07:47 · Ella-Roosa Koivupuro


The EU’s payment service directive sets new security standards. But what does this mean for Holvi users?


EU directive brings more security to payment services

When it comes to your money, you want to be sure that the services you use are safe and reliable. As money is moved around primarily in digital format, we see new threats emerging that require new protective measures. These concerns are now being directly addressed by the EU.

The first payment service directive (PSD) was put into place in 2007, with PSD2 following shortly thereafter in early 2018. One part of the new directive that came into force in 2019 is the secure customer authentication requirement.

Payment service providers are now required to add an extra layer of security in customer authentication when a customer, for example, logs into their account or verifies an outgoing payment. The digital environment is constantly evolving, and legislation is in a rush to stay on schedule.

“The first payment service directive came into force in 2007, and in more than 10 years it has become outdated. The new directive updates the old regulation: it covers new payment services and aims to keep the regulation up to date with the market development”, Jenna Tirkkonen, Holvi’s Legal Counsel, explains.


284A1847Jenna Tirkkonen, Holvi’s Legal Counsel.


What is “strong customer authentication”? 

PSD2 stipulates that payment service providers (such as Holvi) authenticate their customers strongly, and a username and password alone will no longer qualify.

“Customers have to be authenticated strongly according to PSD2 when they access their account online, initiate an electronic payment or take other actions that include the risk of misuse or fraud. For example, card payments both in-store and online are viewed as such electronic payments”, Jenna explains.

Why is it not enough to authenticate customers strongly only when they open their account for the first time?

“When a customer opens an account for the very first time, the payment institution has to ask information about the customer and store it based on anti-money laundering regulation. But when strong customer authentication is applied, the idea is to make sure that the payment initiator is the rightful owner of the account or the card. This protects the customer from potential misuse”, Jenna clarifies.

The directive sets certain criteria for strong customer authentication. It must cover at least two of the following:

  • Knowledge (something that only the user knows, e.g. a password), 
  • Possession (something that only the user possesses, e.g. a mobile phone), and 
  • Inherence (something that the user is, e.g. a fingerprint). 

In practice, payment service providers have to make sure that their customers use other means of authentication other than just a password. This is called two-factor authentication. If, for example, a customer’s password was hacked, the user can rest assured that the hacker cannot access their account.


Beginning in October, use the Holvi app for authentication 

Here at Holvi, we have addressed the issue of strong customer authentication with our mobile app.

You’ll still log in with our existing username (your email) and  password, but beginning in October, Holvi customers will authenticate logins and outgoing payments with a PIN code, touch ID or face recognition, depending on your phone. 

If you’re unable to download the app due to your operating system or geographical location, you can also complete the authentication with Google’s Authenticator app. You can read more about strong customer authentication in Holvi here.


Extra security for Holvi’s online store users

As strong customer authentication will be required when making a payment, the initiative also affects business owners selling via Holvi’s online store. But don’t worry – we’ve made sure that your online store is compliant and up to regulation. No action is required on your part!

When your customers buy from you online store, their credit card provider will ask for strong authentication, which Holvi online store enables. Good news for you: your online store meets the requirements of PSD2 and you can keep selling as usual!


Bank smarter with the Holvi app

We will implement the new mobile authentication gradually this month and inform our customers of the exact dates via email. In the meantime, we strongly recommend downloading and setting up the app right away.

Get more done with the Holvi mobile app:

  • Keep track of your money and view end-of-month balance estimation.
  • Save receipts digitally for your bookkeeping.
  • Make payments. 
  • Create, send and track invoices.
  • Manage your card settings, block if needed and check your PIN code.

Download the app now!

Download_on_the_App_Store_Badge_US-UK_135x40-5    playstore-en-fi

Join fellow entrepreneurs who already have a head start.

Read next

Life Balance and Contextual Banking - Holvi’s CEO on the State of Entrepreneurship in 2019


Entrepreneurship | 16/07/19 08:03

“There used to be this term ‘work life balance’, right?” 

Read more

A Holvian’s story – a former small business owner shares her best marketing tips


Entrepreneurship | 07/01/19 09:40

Small business owners love what they do. They’re passionate about their work and their customers. And, of course, they want new customers to find them. But when the actual work – and paperwork – ...

Read more

5 reasons to take the leap from employee to entrepreneur


Entrepreneurship | 28/11/18 14:48

Nowadays, it’s easy to start your own business and make a living on your own terms. No wonder entrepreneurship attracts more and more people. Many simply turn their hobby into a business or sell ...

Read more

Join fellow entrepreneurs who already have a head start.

The next generation of business banking

Holvi is a business account designed and built for entrepreneurs by entrepreneurs. Holvi account has everything your business needs, in one easy to use solution. 

  • Business current account 
  • Holvi Business Mastercard
  • Easier invoicing
  • Paperless bookkeeping

Open account