• New "pay by credit card feature" not compatible with PSD2

@LauLaman#143583 Geld overmaken is uitgesloten van deze regel.

    Yes for payment methods other than creditcard and banktransfer it IS allowed. my point is that it is NOT allowed for creditcard payments. as i quote from there site:
    "Betaalt u met uw creditcard van bijvoorbeeld Visa of Mastercard? Of met automatische incasso of overschrijving? Dan mag de verkoper daarvoor GEEN extra kosten meer rekenen. Voor andere betaaldiensten, ..."

    So the point is that the article is very clear on the creditcard fees

      @LauLaman#143583 Hi ๐Ÿ‘‹๐Ÿผ Laurens,

      I'm already in discussion with bunq compliance department about this, and I will let you guys know as soon as I have more information.

      You are correct. In a B2C situation, PSD2 doesn't allow a company to charge a fee for credit card ๐Ÿ’ณ payments (unless it is a business credit card ๐Ÿ’ณ like AMEX). So, strictly formal speaking, bunq can ask for a fee... on every page they want. But the clue is more that a business users can't use this bunq.me payment option in all cases anymore.

      My suggestion would be.. to remove fees from the bunq.me page... and charge their business users via the monthly invoice. That would make it simple for everyone. Despite that.. bunq also would have to make a choice if they will keep fees for non-bunq users. So that you see fees on bunq.me

        @LauLaman#143591 Een "verkoper" mag geen extra kosten rekenen. Maar dit is geen verkoop, maar alleen een monetaire transactie. Daarvoor gelden andere regels volgens PSD2. Het artikel waar je naartoe refereert, is een samenvatting van de PSD2-wetgeving, waar niet alle uitzonderingen instaan.

        Maar het zou kunnen dat je als bedrijf dus niet altijd gebruik mag maken van bunq.me

          @pbruins84#143593 Dat is precies mijn punt. Ik denk... dat je dit zeker vanuit de consument gezien... bunq.me gezien kan worden als een betaalmethode in een zakelijke context. Ik vind het lastig uitlegbaar aan mezelf dat dit formeel een overboeking betreft. Denk niet dat men zo'n statement kan volhouden. Maar wie ben ik :)

            I would als be for completely removing the fees from bunq me and charge them to the person who requests the payment.

            In combination with an option to allow credit card payments this would give users the freedom to decide wether they want to waive the fees or not accept this type of payment.

            For personal accounts I would like bunq to count those requests to your monthly top up limit since it causes the same costs (and possibly lower the minimum amount)

              @pbruins84#143593 I don't agree with you on this. Bunq acts in this case as the PSP. Therefore it acts on behalf of me as the business to collect the money by processing a payment.

              The B2C surcharge ban applies where:
              - the consumerโ€™s bank or card issuer and the payment provider of the merchant are both located in the EEA; and
              - the consumer makes a payment using a debit or credit card, or an EUR payment using direct debit or credit transfer (i.e., a SEPA payment).

                @DaJonas#143596 Exactly like they already do for "normal" payment request. This would solve this problem.

                  @LauLaman#143598 So in essence, bunq may not charge for using a creditcard to pay a request link or a bunqMe page ?

                    DIRECTIVE (EU) 2015/2366 - Article 62
                    "In any case, Member States shall ensure that the payee shall not request charges for the use of payment instruments for which interchange fees are regulated under Chapter II of Regulation (EU) 2015/751 and for those payment services to which Regulation (EU) No 260/2012 applies."

                    in "article 3 - Exclusions" and in 2015/751 and 260/2012 I couldn't find quickly an exception why article 62 wouldn't apply to bunq.

                    But.. I'm not an expert (just a curious dog ๐Ÿ•) so maybe I'm missing something here.

                      @JohnDo#143761 it is simply not allowed, and as the bunqMe pages and payment request links in general do not distinguish between B2B and B2C for the end-user, foreign to bunq using them, there should not be a surcharge for either. bunq essentially has to absorb the costs involved acting as PSP, charge them to the business users who are the sending party from bunqMe-page or request link or either place them on the same level as counting towards the monthly credit/debitcard topup limit which applies to all users. That last one seems to be the best option for any private user account type coupled with charging the bunq Business owner.

                        According to me the rule is rather simple: no one is allowed to charge a fee to paying consumers for a debit or credit card payment, both in shops and online. I quote from the European Commission website:
                        "PSD2 prohibits surcharging, which is additional charges for payments with consumer credit or debit cards, both in shops or online. These rules are applicable since January 2018." https://ec.europa.eu/commission/presscorner/detail/en/qanda_19_5555
                        In other words: the payer cannot be charged any payment fee, irrespective of who gets payed and irrespective of when and where the consumer pays (within the EU). The regulation is intended to protect EU-consumers and doesn't allow for creative interpretations and loop holes, as far as I am concerned, as a consumer.

                          One more thing: is a bunq.me payment with an EU credit card already fully compliant with PSD2 Strong Customer Authentication (SCA)? Bunq.me asks for credit card details (name, expiry date and CVV) that would not be necessary with true SCA.

                          These same card details are also required by bunq.me for debit card payments, including a card number with numbers only, no letters. This precludes the use of Dutch Maestro and V-PAY debit cards, as they have an IBAN as card number, with letters, and no CVV. Apparently the use of debit cards is restricted to foreign Mastercard and VISA debit cards (or similar Dutch bunq debit cards, as bunq doesn't issue credit cards).

                            @Berend-Purple-Wolf#143890 As bunq does not support paying by direct debit, there are no letters for an IBAN. With "Credit and Debit Cards" they mean MasterCard and VISA Debit and Credit Cards. As a Dutch user you can just use iDEAL instead in such cases, it's free and also arrives instantly.

                              @Berend-Purple-Wolf#143890 And bunq.me asks for 3D Secure if your card supports it, but they still need the card number and expiry date, don't know why you think this details wouldn't be necessary anymore.

                                @Johannes: Every Dutch person in this discussion is quite aware of all the possibilities with other payment methods. You doun't need to explain them to us. We just want to know why bunq chooses not to comply with European surcharging regulations for debit and credit card payments.

                                With true SCA, the merchant or PSP would support EMV 3DS, redirecting the card holder to an authentication environment (an app) controlled by the card issuer. I have the necessary 3DS-compliant app from my card issuer on my smartphone and bunq chooses not to redirect me to that app. Why? With 3DS the merchant or PSP does not need to ask me for fraud-sensitive card data such as name, expiry date and CVV.

                                  @Berend-Purple-Wolf#143937

                                  @Berend-Purple-Wolf#143937 You doun't need to explain them to us

                                  Okay...
                                  I only tried to explain, why bunq.me's card number field doesn't support letters, and if it's an issue with Dutch cards, that there is iDEAL as an alternative.
                                  I still don't really get, why you expected support for letters though, I think there is probably no debit card number with letters anywhere and as far as I know most Dutch debit cards don't even have a card number printed on the card.
                                  If you mean the IBAN (NL..), it's not actually the card number. Maestro cards actually have card numbers (but also not with letters), but sadly not all banks are printing them on the card or support online payments with it.

                                  @Berend-Purple-Wolf#143937 With true SCA, the merchant or PSP would support EMV 3DS, redirecting the card holder to an authentication environment (an app) controlled by the card issuer.

                                  Could you name me merchants that actually require just the number, and nothing else? I personally never really saw this.
                                  And "normal" 3D-Secure is still "true SCA", SCA = Strong Customer Authentication, this just means, that there must be a strong authentication, but not that there is no name or expiry date required anymore.
                                  bunq.me actually supports it, I just tested it and after I clicked on "pay" I had to confirm the payment in my banking app via Face ID, but your bank has to support 3DS for this to work.
                                  If there is actually a new system, where you don't need anything but the card number, it might be still something worth looking into, but it's not a requirement for a strong customer authentication (it's more a privacy thing), normal 3DS with a good implementation by your bank should be good enough.

                                    Card number, name, expiry date and CVV combined are all very fraud sensitive card data that were only necessary before the introduction of proper SCA. With 3DS v1.x or 3DS v2.x there is no need for merchants or PSP's to ask those data from card holders who use a 3DS-app from their card issuer. That is one of the major objectives of SCA for online card payments: to do away with fraud sensitive data at the merchant or PSP and to redirect the card holder securely to the authentication environment of the card issuer. That way, the card holder only needs to submit sensitive authentication data to the card issuer and nobody else. Very similar to how this is already implemented for iDEAL since 2005.

                                    Most existing merchants and PSP's still ask for all those card data, as they have done so for many years and use the option to postpone the full implementation of SCA until January 1st, 2021. But bunq launched this functionality in 2020, several months after the PSD2 SCA-regulations were originally introduced. One would expect bunq not to implement old, outdated stuff and launch new functionality with modern future-proof and secure stuff from day one. What bunq does now, as a PSP, will be in violation of PSD2 SCA on January 1st, 2021.