When using an e-commerce website, the customer might be offered the opportunity to pay via a PISP service as an alternative to using a debit or credit card.
The customer must provide their consent to the PISP to initiate the payment from their payment account held by a bank, input their credentials as if they were connecting to an online banking service and select the particular payment account to be debited in favour of the merchant's account.
Customers can use AISPs to get a consolidated view of their accounts across various banks, including HSBC accounts. Customers must provide consent to an AISP for it to access their payment account. Following this, a bank will send the payment account data to the AISP.
PSD1 and PSD2 are written with customer protection in mind, and as such, apply to both retail customers and corporate companies.
Since retail customers and corporate companies have different needs and requirements, PSD2 allows banks the option to use a 'corporate opt-out' for certain provisions.
Additionally, PSD1 and PSD2 contain an option for a member state to apply, or not apply, a particular article of the directive. For example, a country can have the option to classify microenterprises as 'corporates' or 'consumers'.