PSD2 widens the scope of PSD1 by covering new services and players as well as by extending the scope of existing services (payment instruments issued by payment service providers that do not manage the account of the payment service user), enabling their access to payment accounts.
PSD2 includes transactions with third countries when only one of the payment service providers is located within the EU ("one-leg transactions").
To make electronic payments safer and more secure, PSD2 introduces enhanced security measures to be implemented by all payment service providers, including banks. In particular, PSD2 requires payment service providers to apply strong customer authentication (SCA) for electronic payment transactions as a general rule. To that end, the Commission adopted rules that spell out how strong customer authentication (SCA) is to be applied.