The Checkout Paradox: Designing for Friction under PSD3 and PSR
Navigating the transition to stricter Strong Customer Authentication (SCA) and new fraud liability rules without compromising conversion.
The transition from PSD2 to the Third Payment Services Directive (PSD3) and the Payment Services Regulation (PSR) shifts the burden of fraud liability squarely onto the shoulders of Payment Service Providers (PSPs). For builders, this creates a UX Paradox: the law incentivises you to add friction to the checkout process to mitigate your own financial liability.
The Death of the ‘One-Click’ Dream
The PSD3 Proposal tightens rules around Strong Customer Authentication (SCA), specifically regarding ‘Transaction Risk Analysis’ (TRA). If your product relies on seamless, low-friction recurring payments, the new directive may force a re-authentication of users more frequently than your current model predicts.
A Strategic Mitigation Path
To address this without tanking your conversion, developers should prioritise the implementation of Dynamic Risk-Based Authentication (RBA).
The system architecture should involve a ‘Risk Scoring Engine’ that evaluates five core datapoints in milliseconds:
Device Fingerprinting: High-velocity changes in device ID.
IP Geolocation: Mismatches between the user’s registered jurisdiction and current location.
Behavioural Biometrics: Typing speed or touch-screen pressure patterns.
Transaction Velocity: Unusual frequency of payments within a 60-minute window.
Historical Whitelisting: Recognition of the merchant as a ‘Trusted Beneficiary’ by the user.
If the score exceeds a predefined threshold, the system should escalate the user to a biometric ‘Step-up’ challenge (FaceID/Fingerprint) rather than a traditional SMS OTP, which is increasingly viewed as an ‘Insecure Channel’ under the new guidelines. By building this ‘Intelligent Friction’ layer, you maintain a competitive edge in user experience while meeting the rigorous fraud prevention standards required for liability shift.
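A sketch of the scoring and step-up decision described above, as an added example rather than Pericls' or any regulator's code. The field names, weights, scaling ranges, whitelist discount and threshold are all assumptions chosen for illustration; none of them come from PSD3 or the PSR.

```python
from dataclasses import dataclass
from typing import Optional

# Illustrative assumptions only: weights, ranges and threshold are not taken
# from PSD3/PSR or any scheme rulebook and must be tuned on your own data.
WEIGHTS = {"device": 30, "geo": 25, "behaviour": 20, "velocity": 25}
TRUSTED_DISCOUNT = 10    # reduction when the user has whitelisted the payee
STEP_UP_THRESHOLD = 30   # a score strictly above this triggers a step-up

@dataclass
class Signals:
    """One payment attempt. None means the signal could not be collected."""
    device_ids_24h: Optional[int]         # distinct device IDs seen on the account
    registered_country: Optional[str]
    ip_country: Optional[str]
    behaviour_deviation: Optional[float]  # 0.0 = matches user's baseline, 1.0 = no match
    payments_60min: Optional[int]         # payments in the last 60 minutes
    trusted_beneficiary: bool = False

def _scaled(value, low, high):
    """Map value into [0, 1]; a missing signal counts as full risk (fail closed)."""
    if value is None:
        return 1.0
    return min(max((value - low) / (high - low), 0.0), 1.0)

def risk_score(s: Signals) -> tuple[int, list[str]]:
    """Return the rounded score and the names of the signals that contributed."""
    geo = None if None in (s.registered_country, s.ip_country) else \
        float(s.registered_country != s.ip_country)
    parts = {
        "device": _scaled(s.device_ids_24h, 1, 4),     # 1 device normal, 4+ maximal
        "geo": _scaled(geo, 0, 1),
        "behaviour": _scaled(s.behaviour_deviation, 0.2, 0.8),
        "velocity": _scaled(s.payments_60min, 2, 6),   # up to 2 normal, 6+ maximal
    }
    score = sum(WEIGHTS[k] * v for k, v in parts.items())
    reasons = [k for k, v in parts.items() if v > 0]
    if s.trusted_beneficiary:
        # The smallest pair of maxed signals sums to 45, so 45 - 10 still
        # exceeds the threshold: the whitelist cannot hide two strong signals.
        score = max(score - TRUSTED_DISCOUNT, 0)
    return round(score), reasons

def decide(s: Signals) -> str:
    """Choose the checkout path for this payment attempt."""
    score, _ = risk_score(s)
    return "step_up_biometric" if score > STEP_UP_THRESHOLD else "frictionless"
```

Logging the returned reasons alongside each decision gives a record of why a given payment was or was not challenged, which is what you will need when a disputed transaction is reviewed.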
Actionable Horizon Scanning
The PSD3 and PSR frameworks are moving targets that will reshape the 2025 payments landscape.
Pericls provides a business-specific roadmap enabling ‘Horizon Scanning’—identifying exactly which parts of your payment flow are at risk of non-compliance before the regulators flag them.
The Pericls Team
