This document provides the answers to common questions about the use of Qualified certificates to support secure communications between payment services under PSD2 and their related Regulatory Technical Standards (RTS). The aim of this document is NOT to define how security works, but rather to explain which types of certificates are used, how to procure and validate them and the various operational and commercial processes.
This document is aimed at the following audiences:
- Account Servicing Payment Services Providers (ASPSPs)
- National Competent Authorities (NCAs)
- Third Party Providers (TPPs)