Updated 07/09/2024
In force

Version from: 08/04/2024
Amendments
There is currently no Level 2 legal act based on or specifying Article 67.
QA2021_5755 - Other topics
Status: Final
Answered: 06/01/2023
Art. 67
QA2018_4309 - Strong customer authentication and common and secure communication (incl. access)
Status: Final
Answered: 21/12/2018
Art. 67, 67(2)(a)
QA2020_5249 - Strong customer authentication and common and secure communication (incl. access)
Status: Final
Answered: 18/03/2022
Art. 67(1)
QA2018_4098 - Authorisation and registration
Status: Final
Answered: 13/09/2019
Art. 67(1), 67(2)
QA2018_4077 - Strong customer authentication and common and secure communication (incl. access)
Status: Final
Answered: 12/03/2021
Art. 67(2)
QA2023_6946 - Other topics
Status: Under Review
Published: 21/12/2023
Art. 67(3)(b)
QA2020_5165 - Strong customer authentication and common and secure communication (incl. access)
Status: Final
Answered: 18/03/2022
Art. 67(3)(b)
Search within this legal act
PSD2 ToolPayment Services Directive (PSD2)
Article 67

Article 67 - Rules on access to and use of payment account information in the case of account information services

Article 67

Rules on access to and use of payment account information in the case of account information services

1.  
Member States shall ensure that a payment service user has the right to make use of services enabling access to account information as referred to in point (8) of Annex I. That right shall not apply where the payment account is not accessible online.
2.  

The account information service provider shall:

(a) 

provide services only where based on the payment service user’s explicit consent;

(b) 

ensure that the personalised security credentials of the payment service user are not, with the exception of the user and the issuer of the personalised security credentials, accessible to other parties and that when they are transmitted by the account information service provider, this is done through safe and efficient channels;

(c) 

for each communication session, identify itself towards the account servicing payment service provider(s) of the payment service user and securely communicate with the account servicing payment service provider(s) and the payment service user, in accordance with point (d) of Article 98(1);

(d) 

access only the information from designated payment accounts and associated payment transactions;

(e) 

not request sensitive payment data linked to the payment accounts;

(f) 

not use, access or store any data for purposes other than for performing the account information service explicitly requested by the payment service user, in accordance with data protection rules.

3.  

In relation to payment accounts, the account servicing payment service provider shall:

(a) 

communicate securely with the account information service providers in accordance with point (d) of Article 98(1); and

(b) 

treat data requests transmitted through the services of an account information service provider without any discrimination for other than objective reasons.

4.  
The provision of account information services shall not be dependent on the existence of a contractual relationship between the account information service providers and the account servicing payment service providers for that purpose.