Question ID
2025_7672
Legal act
Directive 2015/2366/EU (PSD2)
Topic
Other topics
Article
n.a.
Paragraph
n.a.
Subparagraph
n.a.
COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations
Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
Article/Paragraph
32(1) and 32(3)
Type of submitter
Other
Subject matter
PSU support in dedicated and redirected interfaces.
Question

In the context of Article 32 of the RTS (Commission Delegated Regulation (EU) 2018/389), are ASPSPs required to provide PSUs with access to support channels (e.g., helpdesk, chat, telephone) within redirected authentication and authorisation interfaces for payment initiation, at a level equivalent to that in their standard online banking interfaces?

Additionally, could you please clarify whether the absence of such support channels in the redirected payment initiation interface constitutes a functional obstacle under paragraph 3 of Article 32?

Background on the question

Article 32(1) of the RTS (Commission Delegated Regulation (EU) 2018/389) requires that Account Servicing Payment Service Providers (ASPSPs) that have put in place a dedicated interface shall ensure that the dedicated interface offers the same level of availability and performance, including support, as the interfaces used by PSUs for direct online access to their accounts.

Article 32(3) specifies that dedicated interfaces must not create obstacles to the provision of payment initiation services. Obstacles may arise if the user experience in the redirected payment initiation journey differs from that in direct online banking.

Support channels, such as helpdesk, chat, or telephone assistance, are typically part of the user-facing service in online banking. Observations from practice indicate that, in many cases, dedicated payment initiation interfaces do not provide any support channels for PSUs. Even when support is available, there may be differences in how guidance and assistance are provided, which can affect the user experience.

In practice, it has been observed that support offered in connection with dedicated payment initiation interfaces does not always fully meet the needs of PSUs. For example, support teams may not always be aware of the existence or functioning of dedicated payment initiation interfaces and may therefore be unable to guide PSUs effectively. In other cases, PSUs may receive cautionary information regarding potential security risks, such as phishing or vishing, which can create uncertainty and confusion during the payment initiation process. Additionally, when PSUs report issues encountered during payment initiation, these may sometimes be attributed to the PISP rather than being investigated or addressed within the ASPSP’s own interface.


Such situations highlight the importance of providing support within dedicated interfaces at a level comparable to that available in standard online banking channels. They also underline the relevance of ensuring that support teams are adequately prepared to assist PSUs in the context of payment initiation services.

Clarification is requested on whether the same level of support should be provided within the redirected payment initiation journey, and whether any differences in the availability, accessibility of such support (or in aspects that could affect the effective use of the interface by PSUs) could be considered a functional obstacle under Article 32(3).

 

Submission date
Final publishing date
Final answer

Article 32(1) of the Commission Delegated Regulation (EU) 2018/389 requires account servicing payment service providers (ASPSPs) that have put in place a dedicated interface to ensure that the dedicated interface offers at all times the same level of availability and performance, including support, as the interfaces made available to the payment service user (PSU) for directly accessing its payment account online.

As the dedicated interface is an access interface made available to third‑party providers (TPPs), namely account information service providers (AISPs) and payment initiation service providers (PISPs), and not to PSUs, the reference to “support” in Article 32(1) concerns support provided to TPPs, and not customer support offered to PSUs. While in a redirection approach the PSU typically authenticates via the ASPSP’s own customer interface, Article 32(1) regulates the dedicated access interface made available to AISPs and PISPs, and not the customer interface used by the PSU for authentication.

A failure by ASPSPs to ensure an equivalent level of support for TPPs using the dedicated interface would therefore constitute a breach of Article 32(1).

As regards Article 32(3), whether the absence of support offered to the PSU when the PSU authenticates with the ASPSP (using the ASPSP’s customer interface) as part of the authentication procedure with the ASPSP in an AIS or PIS journey constitutes an obstacle within the meaning of Article 32(3) must be assessed on a case‑by‑case basis. The mere absence of access to customer support channels for the PSU during the authentication procedure in an AIS/PIS journey (where the PSU is using the ASPSP’s customer interface) does not in itself constitute an obstacle within the meaning of Article 32(3), where the same applies when the PSU directly accesses its payment account via the ASPSP’s customer interface.

Status
Final Q&A
Answer prepared by
Answer prepared by the EBA.

Disclaimer

The Q&A refers to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.