Back to FAQs category About Credit About bad credit Searches on your credit report Your credit card application Using your credit card Managing your account Statements, payments & interest Safety & Security Photocard Secured Card Aspire® Elite Card Mobile App Complaints Payment Protection Insurance (PPI) Subject Access Request Payment Services Directive (PSD2) Payment Services Directive (PSD2) What is PSD2 and Open Banking? PSD2 is a revision of the Payment Services Directive, a key piece of EU legislation that governs how we carry out your payment transactions and the information we are required to provide to you about those transactions. The most significant change introduced by PSD2 is that it regulates online services provided by third party providers (TPPs). With your consent they can: see your online account information make payments on your behalf, as an alternative to using your debit or credit card Visit the FCA website opens in a new tab for more information. Open Banking is closely linked to PSD2 and has similar aims of creating new, secure ways for you to share information about your finances with regulated third parties. What are TPPs, AISPs and PISPs? A TPP is a Third Party Provider authorised to provide information or payment related services on certain online accounts. The two types of TPP are Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). With your consent, AISPs can access your online account information via a secure online access process. An example of the type of service AISPs may offer is an online dashboard, where you can see your financial account information across multiple banks or card providers, in one place. You have to formally give your consent for an AISP to do this. PISPs can make online payments on your behalf, as an alternative to paying using your debit or credit card. PISPs are only able to do this where you have given consent to the PISP and where you are able to make payments from your online account. We don't currently support this within our online account service, so PISPs will not be able to make payments on your behalf from your Capital One credit card. Visit the FCA website opens in a new tab for more information. How do I know if a TPP is authorised? The Financial Conduct Authority will add TPPs (both AISPs and PISPs) to the register it keeps of all authorised businesses. Before you use a TPP's services, be confident that the organisations you're sharing your information with are who they say they are. Make sure you understand the service and are happy with who will be providing it to you. Visit the FCA website opens in a new tab for more information. How do I control who has access to my data? You have the freedom to choose whether you let a TPP access your personal and financial information. All TPPs have to be authorised by the Financial Conduct Authority (FCA) and must have your permission before they are allowed to access your data.