PSD2 report query models for digital banking in Risk Analytics

Risk Analytics provides reporting capability based on a set of available pre-defined models that allow creating report queries based on particular elements you might like to report. The PSD2Closed Revised European Payment Service Directive (PSD2) model in OneSpan Risk Analytics for Digital Banking is pre-configured with a number of default queries to help generate PSD2 monitoring as defined in the PSD2 Regulatory Technical Standard (PSD2 RTSClosed Regulatory Technical Standards (RTS) requirements under the revised European Payment Service Directive (PSD2).).

Article 21 stipulates that it must be possible to extract the following data for a specific period, at least on a quarterly basis:

  1. Total number of transactions
  2. Total value of transactions
  3. Average transaction value
  4. Total value of unauthorized or fraudulent transactions
  5. Resulting fraud rate percentage (=(D) divided by (B))

Such data should be made available, and it should be possible to filter them by specific breakdown criteria:

  1. Global (no breakdown)
  2. Breaking down the data only for transactions initiated through strong customer authentication
  3. Breaking down the data only for transactions having matched one of the Strong Customer Authentication (SCA) exemptions

The article also foresees the possibility to extract the following data according to the period and each SCA exemption:

  1. the ratio of number of transactions having matched the SCA exemptions in relation to the total number of transactions (=(A.iii) divided by (A.i))

Pre-defined report query models

The reporting tool of Risk Analytics allows to execute simple queries based on pre-defined models, with a possible aggregation (sum, count, average) of table columns. However, it does not allow performing a direct calculation of the ratio between table columns and aggregated table columns. Thus, it is not possible to extract the fraud rate percentage (E) and the ratio of each breakdown (F) directly with the report tool. Nonetheless, the missing ratios can be calculated from the reported elements.

The pre-defined report queries in the PSD2 model allow to extract data (A), (B), (C) and (D), either not broken down (i) or split per specific breakdown criteria (ii) and (iii). This will be achieved through the following possible reports:

  • Monitoring global transactions
  • Monitoring global transactions where SCA was performed
  • Monitoring global transactions for each exemption group:
    • Monitoring Transactions 3 previous months with exemption on value transaction <= ETV
    • Monitoring Transactions 3 previous months with exemption on recurring subsequent transaction
    • Monitoring Transactions 3 previous months with exemption on transfer to same customer
    • Monitoring Transactions 3 previous months with exemption on trusted beneficiary
    • Monitoring Transactions 3 previous months with exemption on low value transaction

For these queries, the PSD2 report model exposes two views:

  • LV_PSD2_TXN
  • LV_PSD2_TXN_RULE_MATCHES

Report views in the PSD2 report model

Report view LV_PSD2_TXN in the PSD2 report model
Column Type Description
TXN_ID NUMBER Identifier of the transaction.
TXN_TYPE STRING Type of transaction, e.g. InternalTransfer.
TXN_TYPE_KEY NUMBER Type key of the transaction, e.g. 102.
TXN_SUB_TYPE STRING Sub-type of the transaction, e.g. OneTime.
TXN_SUB_TYPE_KEY NUMBER Sub-type key of the transaction, e.g. 101.
CREATED_DATE DateTime

Creation date of the transaction event.

Format: DD/MM/YYYY HH:MM:SSAM or PM.

TXN_DATE_TIME DateTime

Date of the transaction.

Format: DD/MM/YYYY HH:MM:SSAM or PM.

AMT_CH_BILL NUMBER Original amount of the transaction.
IS_DISPUTED BOOLEAN

Indicates if the event is unauthorized or fraudulent:

  • 1 if the event is declined (RESPONSE_CODE = 1) or tagged as fraud (FRAUD_DISPOSITION_KEY != [null] and != 4).
  • 0 otherwise
DISPUTED_AMT_CH_BILL NUMBER

Original amount of the transaction if the event is unauthorized or fraudulent:

  • = AMT_CH_BILL if the event is declined (RESPONSE_CODE = 1) or tagged as fraud (FRAUD_DISPOSITION_KEY != [null] and != 4).
  • 0 otherwise
IS_ FRAUD* BOOLEAN

Indicates if the event is fraudulent:

1 if the event is tagged as fraud (FRAUD_DISPOSITION_KEY != [null] and != 4).

0 otherwise.

FRAUD_AMT_CH_BILL* NUMBER

Original amount of the transaction if the event is fraudulent:

  • = AMT_CH_BILL if the event is declined (RESPONSE_CODE = 1) or tagged as fraud (FRAUD_DISPOSITION_KEY != [null] and != 4).
  • 0 otherwise
AUTHENT_STATUS NUMBER Authentication Status (04).
RESPONSE_CODE NUMBER RA response code.
FRAUD_DISPOSITION_KEY NUMBER Fraud disposition key (1 in case of fraud).

*The default PSD2Closed Revised European Payment Service Directive (PSD2) report queries make usage of the IS_DISPUTED and DISPUTED_AMT_CH_BILL attributes as the PSD2 RTSClosed Regulatory Technical Standards (RTS) requirements under the revised European Payment Service Directive (PSD2). stipulate that the fraud rate should be calculated as a ratio between “the total value of unauthorized or fraudulent […] transactions”1 and “the total value of all transactions”2 .

For customers that would extract a calculated fraud rate instead of data based on fraudulent transactions only (excluding unauthorized/declined transactions if they are not tagged as fraud), the attributes IS_ FRAUD and FRAUD_AMT_CH_BILL are also provided in the view.

Report view LV_PSD2_TXN_RULE_MATCHES in the PSD2 report model
Column Type Description
DECISION_MATCH_ID NUMBER Identifier of the decision match.
DECISION_MATCH_RULE_ID NUMBER Identifier of the decision match rule.
RULENAME STRING Name of the rule.
TXN_ID NUMBER Identifier of the transaction.

LV_PSD2_TXN_RULE_MATCHES can be used to perform a breakdown on the SCA exemption, using the RULENAME attribute of this view as filtering condition (see Default queries in the PSD2 report model). It is possible to create a query where elements of the LV_PSD2_TXN and LV_PSD2_TXN_RULE_MATCHES views are combined.