PSD2 One-leg Transactions


PSD2 One-leg Transactions are also known as PSD2 One-leg Out Transactions. These two terms are entirely identical, nonetheless, there can be some misconception over the meaning and utilisation of it. The implications come from the extra-territorial scope of PSD2. The Payment Service Providers (PSPs) might be obliged to comply with the PSD2 regulations even though they are located outside the EU or European Economic Area (EEA) and their website getting transactions is a non-EU. In the following document, you will find out precisely when the PSD2 applies and how to understand PSD2 One-leg Transactions correctly.


PSD2 one leg out

A Two-legged transaction determines that both the payment receiver (merchant) and the customer are located within the EU or EEA. Hence, PSD2 Strong Customer Authentication (SCA) is required on all payer-initiated transactions. In cases where only one of the two aforementioned parties is within the EEA, the SCA may not be required but is advised. This type of transaction is known as PSD2 One leg Out transaction and it falls within the scope.


EU/EEA merchant vs non-EU/EEA customer

Assuming that a US consumer will avoid SCA is faulty and they might be affected if a merchant does not abide by the PSD2 regulations. Even though a US consumer is outside the EU and EEA and it has nothing to do with the SCA or PSD2, the SCA regulations are enforced on the merchant. The PSD2 directive does not force banks and PSPs outside the EU and EEA to use Strong Customer Authentication, however, it might lead to rejected payments for the consumers making purchases within the EU and EEA.

The confusion might arise when a US customer initiates a transaction on an EEA merchants website. The merchant’s PSP will apply the SCA protocols to the consumer's bank, thus the transaction may be denied if an Issuer Bank does not support it.

To avoid these complex circumstances and retain the high percentage of successful transactions coming from overseas, a merchant should take the SCA exemption route. With the Strong Customer Authentication exemption, the Issuer knows that there are legitimate reasons why this transaction is exempt from SCA. In such a case, it is ensured that the PSP is not in breach of PSD2 compliance and there is no liability shift towards the Issuer for not supporting SCA.


EU/EEA customer vs non-EU/EEA merchant

The SCA applies to all businesses within the EU/EEA area. Therefore, if a US business (PSD2 One leg Transactions) receives a transaction from an EU/EEA customer it must ensure that PSD2 and SCA are ready to use and compliant. If this business decides to withdraw these regulations then there is a high likelihood that the majority of the transactions will be declined and will fail transaction authentications.

In case a business receives an insignificant amount of EU/EEA customers and is not encountering huge losses due to the failed transactions (PSD2 One leg Out Transactions), then it can take the risk and ignore those customers. However, if it has a significant number of EU/EEA customers it is best to ensure PSD2 compliance and SCA application.

Get started now!

No trial period. No credit card. Free forever.

Join our Newsletter

We frequently share industry news and Nordigen product updates to our closest friends, fintech innovators and industry experts. Sign up to our newsletter to hear more from us.

By providing your email, you accept
Nordigen's Privacy Policy.