Online banking

PSD2 makes online banking more convenient, faster and safer.

Since the 14. September 2019, savings banks and other financial institutions will implement the new EU directive PSD2 (Payment Services Directive 2). This has resulted in changes and improvements in payment transactions and online banking. The most important things for you at a glance:

More security
To log in to online banking, enter a TAN every 90 days. Automatic logout from online banking after only five minutes, instead of twelve minutes previously. Since you regularly need a TAN to log in to online banking, please make sure that you have access to your TAN procedure at all times, even when you are on the move.
More comfort
Intelligent security measures allow certain payment orders to be made without entering a TAN – for example, when making payments between your payment accounts at the same savings bank, via the so-called small-amount rule for amounts up to 30 euros, or via the option of being able to maintain a "TAN-free IBAN list. 1 If you use an app or software for online banking, make sure it is up to date.
More transparency
In online banking, there is a new function that allows you to conveniently manage account access from third-party services. You can see which payment initiation or account information services have accessed your account on your behalf. 2
More consumer protection
If you, as a customer, use payment service providers, they are entitled to ask for your account access data, such as PIN and TAN. However, payment service providers are not allowed to store your data. They must also ensure that your personalized data such as login name, PIN and TAN are not accessible to anyone else.

A brochure on your rights in pan-European payments and related Union law has been provided by the European Commission. Further information can be found here.

1 Please contact your savings bank to find out which payments are offered there without TANs.
2 You can revoke your account access consent at any time, directly to the third-party service or in your savings bank’s online banking service.

Advantages

More transparency and convenient multibanking

Another significant change is how authorized payment service providers can access a payment account held online and what information they are allowed to retrieve. The specific requirements for this were laid down by the European Banking Authority (EBA) and have been in force since 14 January 2009. September 2019.

These are the most important changes

Online banking apps or online banking software must be up to date.
Regular TAN entries when retrieving account information and automatic logout from online banking after as little as five minutes increase security.
Payments to yourself – i.e. between your payment accounts at the same Sparkasse – can be made conveniently without entering a TAN. 1
Small payments of up to 30 euros can be made without entering a TAN. 1 Intelligent security systems check on a case-by-case basis whether a TAN entry is required.
A TAN-free IBAN list (whitelist) can be set up and simplifies payment orders, which are thus usually released more quickly without a TAN. It may be, however, that the individual security systems of the savings bank still require a TAN. 1
If you commission a third-party service provider, they are authorized to request your account access data such as PIN and TAN.
Third-party services can be conveniently managed via online banking: You can see who of the authorized parties has accessed information and when, and can revoke further account access by third-party services.

Online banking software and online banking apps

Please note: If you use an app or software for online banking, you must have updated these applications to the latest version.

1 Please ask your advisor which payments are offered TAN-free.

Questions and answers

This is a legal requirement that is binding for all credit institutions. For this reason, the conditions at all savings banks and banks have been adapted and customers have been informed accordingly.

Payments that you make more frequently to the same recipients – such as transfers to your spouse – can be included in a new list of "TAN-free IBANs" (whitelist). Online orders to these recipients are then conveniently executed without the need to enter a TAN. 1

Many Internet merchants use third-party service providers for payment processing, so-called payment initiation services. To pay for a purchase by wire transfer, you no longer log in to your online banking, but confirm your transfer directly through the payment initiation service. As soon as you have given a payment initiation service access to your account data, it can initiate payments with your consent.

Another example is online portals. Here you can z.B. Manage contracts or accounts with different banks. This service is offered by account information services.

All third-party service providers must be licensed by the German Federal Financial Supervisory Authority (BaFin). With paydirekt and giropay, your Sparkasse offers simple and familiar alternatives to payment initiation services.

You can choose to access your payment account directly – for example, access your savings bank’s online banking directly, use financial management software or a banking app – or access it through a payment service provider.

This can be either an account information service or a payment initiation service. However, these new services can only retrieve account data or initiate payments with your express consent.

This service can, for example, initiate a transfer to the debit of a payment account at the account-holding credit institution on behalf of the customer.

This service can, for example, initiate a transfer to the debit of a payment account at the account-holding credit institution on behalf of the customer.

This service provides customers with secure information about one or more payment accounts.

In the service center of your online banking, you can see all the consents you have already given for third-party services and you can also revoke them there directly.

Important noteInformation and payment services can only access your data if you instruct them to do so.

You retain full control over your data. Only when you instruct a payment service provider to retrieve account information or execute a transfer, your data will be transmitted.

Access to data is possible only by your order using login name, PIN and TAN. This applies regardless of whether you use an Internet browser, financial management software or an app for online banking, or whether the account is accessed via a payment service provider.

The new payment service providers are obliged to use the retrieved data only for the specified purpose.

Access is initially only possible with your explicit permission. Services to which you have not given permission or your access data cannot access your accounts.

No, the security procedures for online banking that the savings banks offer today – i.e. chipTAN, smsTAN and pushTAN – already meet the new security requirements.

Mastercard® Identity Check™

Easy online payment

For your secure online card payments: Download the "S-ID-Check" app now, register and pay online.

Online banking and financial software

Professional solutions for your business

Choose the online banking option that best suits your business. Use the service offers of your savings bank to manage your finances comfortably and comprehensively.