There is another bureaucratic gem coming out of Brussels soon call PSD2 that many online sellers will need to be aware of. That is worth checking with any of these billing solutions.
I donât think it will impact the online store operators as much as it will affect the Banks. The purpose of the directive is to force banks into releasing customer data (with the customerâs permission) to third party financial service providers. The biggest impact will be on the likes of PayPal etc, who will now be able to use historic and current customer data to tailor products and services that better meet the needs of their clients. Of course, if you are providing your own payment gateway (a financial service) you may qualify to gain access to bank account data. However, as most online retailers use third party payment processors, they are not likely to want to get involved in probing client accounts at the banks. The good news for us is that we are likely to see a surge in non-banking third party payment processors come on stream.
There was some guy on a Rapidweaver forum going into meltdown because he uses PayPal to sell online and apparently his bank is sending him letters about compliance. I did have the impression he was looking for complication though.
Maybe the guy was somehow collecting the clientâs payment details and storing it on his own server! The normal situation is that PayPal, in common with most payment processors, provide your website with a window into their secure servers, so it is they that must be compliant. Like you say, it could be the guy is overcomplicating things himself, or he has somehow circumvented PayPalâs normal security protocols. Talking of which, one of the payment options in the STIVA shopping cart provides for the collection of client credit/debit card data. This is designed for people who have a terminal through which they can manually process payments. If this option is used, the data must be fully encrypted, so that would be an important consideration for anyone using that facility. But, normal payment processors shouldnât give anyone any cause for concern.