Limitations
PSD2 is under constant development and unfortunately has some shortcomings. According to the PSD2 directive an end-user should be able to access the same data and receive the same user experience using a Third Party Provider (TPP) to access the bank as if the end-user logs into her bank. The reason for these shortcomings can mainly be divided into two: poor PSD2 compliance from the banks and inherent limitations in the PSD2 directive. With respect to the banks we and other Fintechs in the Nordics are part of a joint effort where we continuously monitor deviations and use the service: 33report (https://www.33report.eu/) to report obstacles to the Financial Authorities in each country.
Known shortcomings
- Not all accounts are defined as payment accounts (scope for PSD2) by the banks. This applies to for instance: tax withholding account ("skattetrekkskonto"), credit card accounts, share savings account, savings accounts
- Credit note payments are not supported (refund payments)
- Receivable are not supported via PSD2. Receivables must be ordered through the customer's bank og via Nets in Norway. With PSD2 an end-user gets access to bank statements, and in this case the receivables can be stacked together into a single entry in addition to providing less information.
- Batch payments are not supported, but signing of multiple payments is supported. Batch payments is an advantage for instance for salary payments where you would like to obfuscate each employee's salary for people with access to the account.
Shortcomings being addressed, but with an unknown timeline or solved for some banks but not others:
- Support for variable Recurring Payments (VRP) support, also known as "avtalegiro" and "e-faktura" in Norway. Not available for any banks today.
- Extending 90 day rule to 180 days for when Strong Customer Authentication (SCA) has to be performed. Will provide a better user experience.
- Static consent screens for TietoEvry banks (additional consent screen as to that from the TPP)
- Most banks (ASPSPs) do not offer decoupled authentication/app-to-app redirect.
- TietoEvry banks require an additional SCA for the first payment a PSU makes with a specific TPP and a specific TietoEvry bank.
- Variable support for Receiver's name and account. Ten TietoEvry banks do not provide account-holder name
- Variable support for archive reference
- Variable support for available transaction history. However, all banks give 12 months with a user present scenario.
- Variable support for how many payments can be approved in one operation, differs from bank to bank how big the signing basket is.
Also see the additional details in the Supported banks list for specific information about the different bank integrations.