The Payment Services Directive (PSD2) is an EU regulation forcing financial institutions (e.g. banks) to enable open access to their customer information and payment networks. Payment Service Providers (PSPs)
and other Third Party Providers (TPPs) can thus access user data if permission has been given by the customer. The ultimate goal of PSD2 is to increase competition and encourage new, innovative financial solutions, while establishing standards to ensure interoperability and the
security of user data.

QWAC and QSealC for PSD2
The Regulatory Technical Standards (RTS) for Strong Customer Authentication (SCA) and secure Common Open Standards of Communication (CSC) list specific security measures that financial institutions need to comply with under PSD2. One core principle is
common and secure communication between all parties involved.
All transactions must take place over secured channels and ensure authenticity and integrity of the data. This is where Qualified Certificates for Website Authentication Certificates (QWAC) and Qualified Certificates for Electronic Seals (QSealC) for PSD2 come in.