Kaamos

PSD2 for EU B2B software companies.

PSD2 applies to EU payment service providers and affects software companies that operate payment services or support regulated payment workflows. It commonly appears in fintech security work alongside DORA, PCI DSS, GDPR, and customer due diligence.

Information bank | binding | Last updated May 12, 2026

Who it applies to

  • Payment institutions, electronic money institutions, and payment service providers.
  • Open banking and account-information service providers.
  • Software suppliers supporting regulated payment workflows.

What you need to do

  • Strong customer authentication, secure communication, incident reporting, and operational controls.
  • Evidence around access, authentication, resilience, and security governance.
  • Alignment with DORA and PCI DSS where payment and ICT risk overlap.

How to use this entry

  • Use this page to understand the buyer or regulatory pressure before it becomes a deadline.
  • Run the regulation checker to see whether this area is likely to matter for your company now.
  • If it becomes relevant, Kaamos can help you scope the gap and turn it into prioritized security work.