Payment Services Directive & eIDAS

Since September 2019, payment service provider applications are obligated to meet the new requirements for authentication and communications security set by the European Banking Authority (EBA). If your organization needs a certificate to comply with PSD2, please contact us at: and one of our specialists will reach out to you.

PSD2 - About Icon
What is the Payment Services Directive 2?

PSD2 is created to implement enhanced privacy and digital security measures for all Payment Service Providers (PSPs), including banks. Due to the sensitivity of financial services transactions, the European Banking Authority (EBA) issued the revised PSD2 Regulatory Technical Standards (RTS) requiring—among other measures—the use of digital security certificates issued by a Qualified Trust Service Provider (TSP) in accordance with eIDAS standards. Throughout the EU, “Qualified Certificates” will provide special status in regulatory contexts.

PSD2 - Regulation Icon
What are eIDAS Qualified Certificates?

eIDAS (EU Regulation 910/2014) is a set of European Union regulatory standards which define the requirements for PSD2 certificate compliance with digital certificates. This includes standards designed to verify their holders’ identity, as well as the operation of the Qualified Trust Service Providers (TSPs) that issue them. Certificates which are issued in accordance with eIDAS standards by Qualified TSPs are also known as “Qualified Certificates” and provide special status in certain legal and regulatory contexts across the EU.

PSD2 - Banking Institutions Icon
Why do I need Qualified certificates for PSD2?

PSD2 requirements enable digital certificates to be used to identify PSPs and banks, verify their licensed roles, encrypt communications, and in some instance to provide tamperproof seals on transactions or data. The PSD2 Regulatory Technical Standards (RTS) specify that only eIDAS certificates issued by Qualified Trust Service Providers (TSP) may be used for identification of PSPs, due to the sensitivity and privacy required for financial services transactions.

Available PSD2 Qualified Digital Certificates

Qualified Web Authentication Certificate (QWAC)

Validate your identity and role as a Payment Service Provider to customers and other businesses, whilst also encrypting and authenticating sensitive data with QWAC certificates.

Qualified eSeal Certificate (QSealC)

Opt for the QSealC certificates to “seal” application data, sensitive documentation and other communications to ensure they are tamperproof and originate from a trustworthy source.

Choosing a PSD2 Certificate

PSD2 certificates offer different protection options depending on use cases.

About QWAC QSealC
Where is it used? Identifies end points, protects data during communication Identifies origin of document or data and makes it tamperproof in communication and storage
Security features Confidentiality, authentication, and integrity Authentication and integrity
Does it provide legal evidential value for transactions? No Yes under eIDAS
Is data protected when passed through an intermediary? Protects in direct peer-to-peer communications End-to-end, even if passed through intermediary

Benefits & Features of PSD2-Qualified Certificates

Establish compliance with the latest legislative regulation contexts across the EU

Assure clients & stakeholders with the highest-level security measures

Ensure your infrastructure and operations are properly configured at all times.

Get in touch with one of our experts today

To find out more about PSD2-qualified certificates and how it can affect your business, get in touch with our trusted, SSE-accredited consultants for a FREE no commitment consultation: