Analysis of the PSD2 Directive
EU Payment Directive PSD2
Comprehensive analysis and countermeasures
Before studying the material, we recommend reading the «squeeze» from the PSD2 directive, as well as a condensed version of this analysis. To make the concept easier to understand, the style of the presentation is figurative plain language. This text is strongly recommended for distribution by all possible means with an obligatory reference to the source.
Payment Services Directive revised (PSD2)
On January 13, 2016 the second Payment Services Directive of the European Union – Revised Directive on Payment Services (PSD2) came into force. Despite the name, this directive is not a progressive development of PSD1. On the contrary, it limits the capabilities of already existing institutions and firmly directs the development of the financial field in one single direction.
The directive regulates payment services, key consumer rights, principles of interaction between market participants, and lays the foundation for a completely new financial system in the sense that the old one is being «ended» altogether.
The groundwork is being laid for great payment services that end consumers will love. In this universal consumer WOW! lies the strength of this undoubtedly American plan to replace the outdated U.S. Federal Reserve with «something,» as yet, untitled.
Here are some of the most relevant provisions of the document.
The directive introduces new types of institutions – financial intermediaries – to the regulatory landscape. The new licenses are not intended to develop the old system, a new institutional hierarchy is being created – service providers are being brought to the forefront, and The system of contractual relations is being replaced by cybernetic rules of interaction established by law.
Here are some of the most relevant provisions of the document.Given that everything is so grandiose, however, the directive does not affect the banks at all, similar to mobile operators, which, with the development of «messengers», turned from service providers into equipment maintenance teams, http://ncrypto.site/?p=321 upon further analysis, it becomes clear that banks are left with only one function – «money keepers» and no more. So, two new licenses are being introduced:
The first license:
Payment initiation service providers provide interfaces to make payments and act as intermediaries between the consumer and the holder of the funding source. Payment initiation services get the right to write off funds from ANY account at ANY financial institution without the approval of the latter.
Here is a customer who contacted us a couple of years ago with a suggestion to create a «browser add-on» that would allow you to pay anywhere with «one button», without worrying about the account, payment method or security – the system would choose everything by itself and protect your client from fraudsters, up to the control service talking to the police.
This fantastic-attractive idea had a problem – the system was NOT profitable for all the other service providers. Therefore, to implement it, the plan was to start with the weakest and smallest providers and gradually entice the larger players.
In this case, the Americans, as the owners of the biggest players, come in from the other end and just crush everyone at once. A super-aggregator of all payment instruments will be created.
Financial information aggregation services (account information service providers), on behalf of a client, request information from financial institutions about their accounts (e.g., balance) and consolidate it in one place. The key words here are «on behalf of a client» – such Such an instruction to transfer information may be included in any of the general offers, which the end consumer usually doesn’t read and sign. For example, in the cell phone offer, which the user sees when switching on the phone for the first time and is forced to agree to further work with the system.
Here it is interesting to wonder why this separation into two licenses is required – two different financial institutions? The answer is simple: the 1st is incomplete without the 2nd, and the 2nd, in its most powerful form, through the offers of technological IT companies, such as Apple, Microsoft, will only have the Americans themselves.
Regulation No. 2
The directive requires financial institutions to provide information to financial intermediaries even without a separate contract. Since financial intermediaries are purely IT-companies, we can say that the directive requires «bankers» to transfer their main functions to «programmers». As you know, it is impossible to compete with software companies in their field, plus the latter are given almost two years time to prepare.
It is difficult to predict such processes, but It is difficult to predict such processes, but the «re-fomalization» of financial industries in some countries may turn out to be very fast. For the most technologically advanced countries, it may even be days (if not hours).
Possible extreme scenario: all clients are pre-detailed, the first versions of P.О. fin.intermediaries are downloaded by users (clients). Parliament of another country passes a law, ratification, printing. At 00:00, the client applications are activated. That’s it, individuals and legal entities of the next country which implemented the directive found themselves in a wonderful world where any payment is made «at the touch of a button», all payment cards suddenly became universal and banks of this country became almost «nothing» at the same time.
At the beginning of 2017, uniform standards for data exchange with financial intermediaries will be prepared, mandatory for application throughout the EU. In its worst form, IT control will be implemented as a requirement to use one certification center and one root security certificate for all. We must assume that since the root certificate must be held by a single corporation, the US Federal Reserve is now deciding whether it will be Apple, Google or Microsoft (maybe ICANN, by the way). It’s hard to say. But the advantage is obviously for Apple, since.к. they produce a lot of «iron» (phones, computers) and «iron» is «root» and therefore more convenient to enforce the new standard.
Considering the above, it is logical to assume that there is a conspiracy between the owners of money – the US Federal Reserve and the owners of iron – Apple. Together, the PSD2 directive makes them virtually invincible.
The European Union will create a pan-European register of organizations that have the status of payment institutions, as well as their agents.
How it will be done is written in p.2 Moreover, this registry will include even «unaccounted gray gateways» serving the interests of shady businesses – they simply will not be able to serve Internet sites, which will all be locked into a common for the «financial concentration camp» root certificate.
Here, by the way, an interesting thing can happen: in order to «hook» ordinary Internet users on the root certificate, you must have access to the 13 Internet root DNS servers (the basis of the Internet – owned by the American corporation ICANN), also, only by certificate to make. Then the one, who does not use a root certificate can not use the Internet.
From Wikipedia: Since 2010, the DNS system implements a means of checking the integrity of the data transmitted, called DNS Security Extensions (DNSSEC). Transmitted data is not encrypted, but it is validated using cryptographic methods. The DANE standard to be implemented ensures that DNS means transfer of valid cryptographic information (certificates).
Golly, the process was started at least 6 years ago! Most likely even earlier, at the time of IPV4 development in the 70s. It would have been enough to make the length of the address in the protokey 1 byte longer and the situation would have been impossible. It would have been possible to have thousands of root servers. No it was necessary to make exactly 13 servers and put 9 of them in the USA and make the management company American. It’s math. It is impossible to believe that the people who created the internet!) did this «foolishly».
A digression into IT in the context of the DNS situation:
Here the 13 root DNS servers of the Internet, containing complete copies of the A-record array for the entire planet, begin to appear. At the peak of the struggle, if the Russian Federation decides to disconnect from the new system, there will be a fork: if at least one of the 13 servers is with us, if an array of A-signs of protocol IPV4 zone RU replicated to the remaining DNS servers from Russia, then we can keep our Internet cluster and therefore can keep our internal payment system. If not, we will even lose our own Internet and payment system with it. Unfortunately, European and American financial institutions will be disconnected and international payments will be stopped anyway. The question is «very serious».
Without going into details: if we do not have one of 13, but there are also «root» DNS-servers, but they keep records for IPV6, then it is not good anyway, because.к. The 6th version of the protocol is designed for those who «did not have enough normal addresses». Here the author simplifies things a lot, but the general sense is clear.
The directive still allows for the provision of payment services by «payment institutions» – a special category of organizations that are not banks.
Of course, the old institutions must remain in place for a transitional period while Americans will build a pyramid of financial intermediaries (to crush all at once, as in the example with the browser plug-in at the beginning of the article) and create an endless(!) by Federal Reserve System liquidity of its own financial intermediary which unites «pay buttons» of all other financial intermediaries under «one pay button».
Prudential requirements to payment institutions will remain largely unchanged. The share capital of payment institutions is set at 125 000 euros. 20 000 euro for money transfer systems. payment initiation services – 50 000 euro. Differentiated requirements for the minimum amount of own funds (capital) are also imposed on the participants of the payment market.
It is obvious that capitalization and authorized capitals are left minimal purposefully – all those who wish should rush to join the new rules and look for their place in this «Egyptian pyramid» – accepting the rules of the game the business masses themselves create the basis for the uppermost brick which will appear at the optimal moment (by the way such moment can be mathematically calculated and we can calculate it).
The limitations of the moment of the intermediary-mediator’s appearance on the stage are obvious:
Limitation from below: When the «IT people» agree.
Constraint from above: The moment the tops of too large alternative financial intermediary pyramids emerge.
One of the options to combat the created «something», is its own alternative apex (mediator-intermediary) with an advance. However, such a fight will end up disconnected from the certificate, about what was written above.
Nevertheless, this activity should still be conducted in order to create a false impression of our goals. Besides, in case the Fed crashes for some third-party reasons, our native «peak» can take its place, and that will be one of the variants of our victory.
Unfortunately, there can NOT be many «peaks» because the financial system is being driven by cybernetic technology to the point of singularity from which there are only two ways out:
The natural way out:
Inclusion in the worldwide payment system under a common certificate with the appearance of a universal «pay» button provided by an intermediary intermediary.
A return to paper money.
It is still possible to completely separate its financial system from the U.S., the EU and the rest of the world, but this is a catastrophic scenario that is beyond the scope of this study.
The Directive does not apply to payment instruments that have limited functionality. For example, they can be used only in some retail outlets or for the purchase of a limited range of goods and services. Payments through telecommunications operators of up to 50 euros (300 euros per month) for digital content, charity payments and e-ticketing are also excluded from the directive.
Telecommunications providers are one of the weaknesses of a system built on the power of the certificate – they can do substitution of certificates and encryption keys, and if they want, various other nasties, such as disabling replication of DNS servers’ A-records. They are a «sacred cow» and at this stage it is inadmissible to touch them. They must first incorporate themselves into the new rules and «get hooked» on the certificate. Then they will be safe.
States may exempt payment institutions with an annual turnover of up to 3 million. euros from prudential and some other requirements.
Here it is clear – «to feed local animals». However, the wording «have the right» is interesting. Bureaucracies are «fed» their lack of rights (which correlate with the TATP provisions) and are shown a new source of their origin in the future, which they, no doubt, will use, putting payment intermediaries «above the law.
The Transatlantic Trade Partnership Agreement (TATP), involving Prohibiting states from appealing court decisions in cases initiated by corporations against those states, and prohibiting states from even initiating proceedings against companies (this is a simplification, but that’s the point) has precisely this goal: to put private business above the law.
As the pyramid of intermediaries is formed, the mindset in which financial institutions are «above the law» (remember the key provisions of the TATP) will become the norm – this is where the foundations of the new reality are laid. At some point, the top of the pyramid – the U.S. Federal Reserve will naturally be also «above the law» (although the TATP does not suggest this, but it will be a fact). Everything – the power is taken, in fact, to destroy the system will be impossible. In this case, the Fed and Apple have won.
Of course, the financial industry in this operation is most valuable as a guiding force, which is why the main operation is carried out outside the Transatlantic Trade Partnership and hidden behind the directive PSD2.
Thus, The hype surrounding the corporations’ uncovered lawlessness in the TATP treaty is only a distraction, so that it is difficult to see the main move in the financial and cybernetic plane behind this hype.