Login

European Payments Report Overview Part 1 – About Payments in Europe 2026

1. About Payments in Europe

The redesigned European overview section of the Yearbooks edition 25-26 has a completely new structure. Beyond card payments, it now includes three competing European payment ecosystems:

The objective of the European overview section is to provide an overview of both card payments and cardless payments having in mind the regulatory view on digital payment services for the digital economy, the payment demands of consumers and merchants and the emerging digital payment world. In addition, the cash ecosystem is briefly highlighted.

Having a pan-European view on payment services and payment service providers in mind, the European overview section comprises an introduction about the Yearbook and its six sections reflecting digital payment transformation trends. It analyses both the card payment business and the emerging Open Banking payment ecosystem:

The Yearbooks section ‘About Payments in Europe’ provides an introductory overview about payments in Europe and briefly analyses different aspects of card payments, emerging cardless payments directly from bank accounts and digital payment transformation:

Further, this section briefly highlights important payment service trends and digital technologies relevant to the European payment business.

1.1 Digital Payments for the Digital Economy

The adoption of the revised Payment Services Directive, PSD2, and disruptive technologies have set the stage for digital payments for the digital economy. They have accelerated digital payment transformation and mobile payment services, as well as cardless IBAN-based payments directly from bank accounts, which compete with card payments in Europe.

In addition, new consumer demands are a game changer. Europe’s consumers embrace mobile devices like tablets, smartphones and Internet of Things (IoT). They like digital banking apps with access to all their accounts at different banks in one single app, with the option to make payments directly from their bank account of choice. Additionally, they appreciate more banking services and payment services added to their mobile banking app. Consumer adoption of digital payments is driven by minimal cost, secure payments and a high level of user convenience.

Mobile devices permanently connected to the internet are a game changer for merchants and the supporting payments industry. It is estimated that the number of devices connected to the internet will explode from 10 billion in 2015 to more than 30 billion by 2030.

In the last decade, European consumers have embraced mobile devices – this change significantly impacts their shopping experience. Consumers become increasingly connected and they have started to purchase anywhere, at any time, from any device.

Driven by the development of social media and mobile devices, the emergence of permanently connected consumers has impacted their interactions with brands but also their expectations of how to shop using the increasing number of touch points between consumers and merchants, e.g.:

The ongoing rollout of a mature online and mobile communication infrastructure will be an enabler for digital payment transformation and for Open Banking payments.

In a few years from now, mobile banking apps and mobile payment apps are expected to combine account management, digital payment services, personal finance management and value-added digital services from location finders to digital vouchers.

Digital Commerce in Europe 

Global digital commerce is seeing exponential growth and European merchants are increasingly looking to take advantage of cross-border initiatives to increase revenue growth along with providing more service options for their customer base.

Since the mid-90s, most internet users have been accustomed to buying products and services online. Internet sales in the EU28 already amounted to 4.3% of all sales by the end of 2007. In late 2019, it was estimated that e-commerce in Western Europe was growing at around 10.2% on average, approximately half the global growth rate. Western Europe economies are more mature in their approach to digital commerce due to increasingly used mobile devices for online shopping.

The impact of the COVID-19 pandemic in 2020 and into 2021 vastly accelerated the pre-existing shift to digital payments and e-commerce across Europe, with most estimates suggesting a CAGR of around 20% in B2C e-commerce from 2021 onwards. By 2024, growth in B2C e-commerce revenue stabilised in most markets and some markets recorded declines as the effect of the pandemic wore off.

Excluding distance selling volumes, the leading e-commerce countries ranked by B2C e-commerce value were the UK, Germany, France, Russia, Italy, Spain, the Netherlands, Denmark, Sweden, Norway, Switzerland and Belgium.

According to eCommerce Europe, Asia Pacific is the leading e-commerce region worldwide. It is notable that China surpassed the United States of America as the strongest country in terms of B2C e-commerce revenues in 2013.

In 2024, the global B2C e-commerce revenue amounted to €5,820.6 billion. It showed an increase of 8.51% from 2023 (CAGR: 14.23%). The total European B2C e-commerce revenue, including goods and services, reached €819.0 billion, up by 7.06% compared to 2023 (CAGR: 5.15%) and equivalent to a 14.1% market share in the total global B2C e-commerce value.

1 - B2C E-Commerce Revenues in Europe
(€bn)20202021202220232024GR 23/24GR 5YCAGR 5Y
Europe (E37)591.0684.0718.0765.0819.07.06%28.57%5.15%
Growth/year of B2C eCommerce sales in Europe-7.2%15.7%5.0%6.5%7.1%7.83%-9.31%-1.94%
Global B2C e-Commerce revenue 3,719.14,406.05,429.45,363.85,820.68.51%94.45%14.23%
- thereof Europe (E37) in %15.9%15.5%13.2%14.3%14.1%-1.34%-33.88%-7.94%
Note: in this table, Europe includes 37 countries (E37). Figures excluding distance selling.
Source: eCommerce Europe, Yearbooks calculation.

Digital Infrastructure drives Digital Commerce 

The ongoing rollout of a mature online and mobile communication infrastructure will be an enabler for digital payment transformation and for Open Banking payments.

In 2024, 77% of internet users in the EU27 countries shopped online. The proportion of internet users ranged from 100% in Norway, 99% in Luxembourg, Switzerland and Iceland, and to 87% in Bulgaria and 85% in Croatia.

The proportion of individuals using the internet for ordering goods or services ranged from a high 95% in the Ireland down to a low 50% in Bulgaria.

In 2024, the market share of the EU enterprises selling online decreased to 20.75%, down from 19.74% in 2023. And 78.2% of the total EU enterprises had a website.

2 - Internet Use in the EU27 Countries
(in %)202020212022202320242025FGR 23/24CAGR 5Y
Households with internet access91%92%92%93%94%95%1.18%0.99%
Last internet use (individuals, 12 months)89%90%91%92%93%94%0.90%1.22%
Internet users who bought online73%74%75%76%77%78%2.18%2.40%
Last online purchase (individuals, 12 month)65%67%68%70%72%74%3.10%3.64%
Last online purchase (individuals, 3 month)54%57%56%58%60%62%3.69%4.20%
Internet banking users 58%58%60%64%67%70%5.28%4.26%
EU enterprises having a website77%78%78%78%78%79%0.19%0.40%
EU enterprises selling online18%19%20%20%21%20%5.12%3.82%
Note: figures for 2014 onwards have been restated to cover only the EU27 countries post 'Brexit'.
Sources: Eurostat, ITU.

Looking into the specific data of major European countries shows that connected consumers are the new normal for retailers and the payments industry. For illustration purposes, compiled on data from 2024, Table 3 shows the internet use and mobile use of consumers in selected European countries.

It is notable that the eGDP market share in the UK amounted to 8.07% of the total GDP in the country, proving that the UK is the leading B2C e-commerce market in Europe.

3 - Connected Consumers in Europe (2024)
ABCZCHSPLNLIEDFUK
Population (in million)9.1811.8510.909.0510.6337.4917.9958.9548.8683.5368.4469.23
Households (in million)4.195.204.553.964.8115.578.6426.3019.5041.4932.0928.20
Households with internet access95%95%95%100%95%96%99%93%97%93%94%98%
Last internet use (individuals, 12 months)95%96%94%100%98%90%100%90%96%94%95%98%
Internet users who bought online75%79%86%84%90%74%94%60%72%83%84%93%
Last online purchase (individuals, 12 month) (EU: 60%)71%76%81%84%88%67%94%54%69%78%80%91%
Mobile phone subscriptions per 100 population124%104%127%129%141%138%129%133%130%129%117%122%
Internet banking users (%)78%83%84%84%83%57%96%55%75%67%72%89%
Online B2C eCommerce value (€bn)9.6017.4011.2015.6014.0043.4036.0058.5095.2094.00175.30127.00
B2C eCommerce growth rate GR 22/232.1%6.7%0.0%5.4%11.1%13.3%5.6%5.6%13.1%0.4%9.6%3.3%
Ø B2C e-Commerce amount per eShopper per year€1,399.6€1,854.8€1,192.9€1,915.1€1,466.6€1,555.1€2,128.4€1,653.9€2,711.0€1,356.2€3,041.8€1,975.7
Cross-border B2C purchases from EU countries69%62%36%61%29%13%34%38%32%20%39%31%
Cross-border B2C purchases from non-EU countries24%16%17%20%16%7%21%25%29%12%31%35%
eGDP market share of GDP2.00%2.83%3.51%1.81%2.48%5.13%3.18%2.67%5.99%2.19%6.00%8.07%
Market share in European B2C eCommerce 1.17%2.12%1.37%1.90%1.71%5.30%4.40%7.14%11.62%11.48%21.40%15.51%
Note: figures are from 2021 sources. Italic figures are estimated. eShoppers from 16-74 in % of capita.
Note: A = Austria, B = Belgium, CH = Switzerland, CZ = Czechia, D = Germany, E = Spain, F = France, I = Italy, NL = Netherlands, PL = Poland, S = Sweden and the UK.
Note: B2C commerce values are for goods & services. Table sorted by B2C ecommerce value from left to right.
Sources: Eurostat, eCommerce Europe, ITU.int, eMarketer, PCM Research.

Consumer Behaviour Evolution 

Digital technologies and new consumer demands are a game changer. Europe’s consumers embrace mobile devices like tablets, smartphones and Internet of Things (IoT).

With the advance of contactless and online technologies in combination with mobile apps, smartphones and tablets, many consumers expect a more convenient shopping experience both in merchant outlets and on the internet. In a digitally connected world, consumers expect no more barriers between face-to-face outlets and e/m-commerce.

Encouraged by market players like Amazon, Facebook, Google and Uber, and as reported by many retailer associations, more and more consumers demand more convenient shopping with access to global retailing marketplaces, and their preferred payment services to be offered by retailers, independent of the channel they purchase from.

However, a high level of convenience does not satisfy all consumer requirements. Retailers are also expected to provide responsive services, knowledgeable assistance and customisation options. Whether customers shop in-store or online, they will no longer accept perceived overpricing and poor standards of customer service and are likely to switch to alternatives as well as post negative feedback for other consumers.

Considering the advance of mobile payment apps, the mobile device is becoming a kind of dashboard for omni-channel shopping and payments that incorporates the various checkout forms already offered by the retailer. Consumers like digital banking apps with access to all their accounts at different banks in one single app, with the option to make payment directly from their bank account of choice. Additionally, they appreciate more banking services and payment services added to their mobile banking app. Consumer adoption of digital payments is driven by minimal cost, secure payments and a high level of user convenience.

According to large retailers, consumer expectations for retailing services will be seamless omni-channel shopping and payments experiences combined with added-value services for consumers across all retail channels, regardless of the challenges this poses the retailer.

Merchants Demands for Payment Acceptance Services 

Many retailers have been focusing on big bricks-and-mortar store networks for decades. In the past, retailers had underestimated the potential of new checkout types and online channels, treating them as a separate business line.

However, in the last decade, the retail industry has fully embraced online shopping to help satisfy increasing consumer demand for speed, convenience and a frictionless user experience. Consequently, the retail environment is experiencing change at a faster pace than ever before.

Online technologies and the demands of connected consumers drive the changes that are rapidly transforming the retail sector, offering retailers new opportunities to generate differentiation and additional revenues or gain market and customer share, through better customer engagement.

The increasing number of connected consumers, the growing penetration of disruptive technologies and new shopping behaviour reinvented through social collaboration, mean retailers are confronted with a dynamic, complex shopping environment. This in turn has a significant impact on the retailer IT systems and payment platforms that are often separate by channel and by country.

Moving towards omnichannel may now appear mandatory for most retailers, and the process of going through fundamental changes not only to avoid disappointed customers but also to harness new opportunities from new technologies is challenging. A powerful consumer experience is not just about maintaining consistency, relevance and convenience at any cost. It is about creating seamless consumer dialogue through every stage of the customer journey, from pre-purchase research to post-sales touch points, and this often requires embracing social media.

Historically, large merchants have operated and/or outsourced payment platforms separated by channel and by country. Small merchants have used the services of payment service providers like NSPs, PSPs and/or card acquirers.

However, the interchange fee regulation (IFR) of 2015, the Open Banking Mandate of the revised Payment Services Directive (PSD2) in 2018, and emerging Open Banking payment apps have started to reshape the European payments landscape, providing new opportunities and benefits for the individual merchant.

According to recurring annual talks, many retailers confirm that the integration of POS terminals, mobile POS terminals and payment pages of online shops in one single payments platform is one of their challenges.

In addition, modern retailers are aware that they need to manage all the different payment use cases (including mobility in-store) and payment services accepted, ideally supported by a centralised multi-payments platform.

In short, modern retailers are looking for Open Payment platforms enabling omnichannel payment acceptance services for cards, IBAN-based payments directly from bank accounts, advanced payment wallets, prepaid products, in-app payments and mobile HCE NFC payments in-store.

Both large merchants and innovative small and medium merchants say they lack a configurable, flexible, Open Payment infrastructure capable of supporting all checkout types and multi-payment services, omnichannel.

Modern retailers see omnichannel payments combined with a flexible central payment platform as a prerequisite and an increasingly common starting point for omnichannel retailing.

In addition, retailers always demand payment acceptance services, which are relevant for consumers, secure and at a reasonable low cost.

1.2 Legal Framework for Payment Services in Europe

In most of the European countries, there has been a de facto national regulation of all payment schemes in the past with high technical barriers to ensure and defend payment security.

It is obvious that the respective rules and regulations of domestic card schemes and the international card schemes continue to be applied by the card payment service providers (e.g. EMV, PCI, and SEPA Cards Framework), respectively.

According to Commission sources, in 2013, there were 568 Authorised Payment Institutions (PIs) in the EU, and 2,203 registered payment institutions (PIs) (smaller firms) across the whole EU. Of this total, the UK had 316 APIs and 903 registered PIs. They first became regulated by the Payment Services Directive, PSD. Since PSD2 was introduced in 2009, the number of payment institutions increased to over 6,500 in the EU by 2021.

The legal framework for payment services is a joint project undertaken by the European Commission as the regulator, the European Central Bank (ECB) as the Euro System, and the European Payments Council (EPC) with the objective of standardising payments in Europe and to remove existing barriers, promote cross-border competition between payment services, strengthen the European internal market and drive the digital payment transformation.

Based on its vision, the EU Commission has therefore created a unique legal framework for cashless B2C and B2B payments that supersedes pre-existing national legislation and is binding for financial service providers and payment service providers throughout the EU. As members of the European Economic Area, Liechtenstein, Norway, Iceland, and Switzerland have largely transposed this legal framework into their national payment legislation.

As an EU Member State, the UK put the European legal framework for payment services into British law. However, the UK left the European Union at the end of 2020 (Brexit).

Overview of Legal Framework relevant for Payment Services 

The legal and regulatory framework for payment services in the EU/EEA is built around EU directives and regulations, supplemented by national laws, supervisory guidance, and central bank rules. It governs licensing, conduct of business, consumer protection, operational resilience, anti-money laundering controls, data protection, and access to payment systems. PSD2 remains the main legal foundation for payment services and Open Banking today, but the EU has proposed a new PSD3 and a new Payment Services Regulation (PSR) to modernise and partly replace the current framework.

The key elements of the current framework include:

Revised Payment Services Directive (PSD2)
PSD2 remains the principal EU directive for payment services. It regulates payment institutions, e-money institutions, account information service providers (AISPs), and payment initiation service providers (PISPs); sets rules on transparency, rights and obligations, execution of payments, safeguarding, access to payment accounts, and Strong Customer Authentication (SCA); and provides the legal basis for Open Banking. The European Commission has proposed replacing and updating parts of this regime through PSD3 and a directly applicable PSR, but these proposals are not yet the operative framework.

E-Money Directive (EMD)
The E-Money Directive remains relevant for the authorisation and supervision of e-money institutions. However, the Commission’s 2023 payments package is intended to bring payment institutions and e-money institutions into a more harmonised framework under the proposed PSD3/PSR reforms.

General Data Protection Regulation (GDPR)
GDPR has applied since 25 May 2018 and remains central to payment services, especially for Open Banking, fraud monitoring, customer authentication, outsourcing, and data-sharing arrangements. It governs lawful processing, transparency, consent where applicable, data minimisation, portability, security, and individuals’ rights over personal data.

Anti-Money Laundering / Counter-Terrorist Financing Framework
The AML framework has moved beyond simply referring to “AMLD6”. In May 2024, the EU adopted a new AML package comprising a new AML Regulation, a new AML Directive, and the creation of the new Anti-Money Laundering Authority (AMLA). This materially strengthens supervisory convergence and the EU-wide AML/CFT architecture for financial institutions, including payment and e-money firms. AMLA entered into force in June 2024 and is being established in Frankfurt.

Digital Operational Resilience Act (DORA)
DORA is now a major part of the regulatory landscape for payment service providers and other financial entities. It became applicable on 17 January 2025 and introduces harmonised EU rules on ICT risk management, incident reporting, digital operational resilience testing, and oversight of critical ICT third-party providers. For many payment firms, DORA is now one of the most important compliance frameworks alongside PSD2 and AML/CFT rules.

Instant Payments Regulation (IPR)
The Instant Payments Regulation, Regulation (EU) 2024/886, entered into force on 8 April 2024 and amends the SEPA framework to accelerate the availability of instant euro credit transfers. It introduces phased obligations for payment service providers, including requirements linked to receiving and sending instant payments, as well as IBAN/name verification and sanctions screening adjustments. This is now a key development for account-to-account payments in Europe.

SEPA Legal Framework
The legal basis for SEPA remains important, particularly the SEPA Regulation and its amendments. SEPA rules standardised euro credit transfers and direct debits across participating countries, replacing domestic legacy formats for euro account-to-account payments. The Instant Payments Regulation now builds directly on this framework.

Regulation on Cross-Border Payments
EU cross-border pricing rules remain a core part of the retail payments framework. The EU has long required charges for cross-border euro payments to be aligned with charges for equivalent domestic payments, and the newer legislative updates interact with both SEPA and instant payments reforms.

Interchange Fee Regulation (IFR)
The IFR remains in force and continues to cap interchange fees for consumer debit and credit card transactions, while also supporting greater transparency and competition in the cards market. It remains a foundational part of the EU legal framework for card acceptance and merchant pricing.

Consumer Protection Rules
The Consumer Rights Directive (CRD) remains relevant, but references should now acknowledge the broader modernised EU consumer framework, including later digital-era updates such as the Modernisation Directive. Together, these rules support transparency, pre-contractual information, cancellation rights, and fair treatment of consumers purchasing goods, services, and digital content online.

Crypto-Asset Regulation Where Relevant to Payments
Where payment services overlap with stablecoins, e-money tokens, or crypto-asset service provision, the Markets in Crypto-Assets Regulation (MiCA) is also relevant. MiCA entered into force in June 2023, began applying for asset-referenced tokens and e-money tokens on 30 June 2024, and became fully applicable from 30 December 2024. This is increasingly relevant for firms operating at the boundary between payments and digital assets.

Domestic Laws, Supervisory Rules and Central Bank Requirements
EU directives and regulations are complemented by national legislation, regulatory technical standards, supervisory guidance, and central bank oversight in each country. In practice, payment service providers must comply not only with EU-level law but also with domestic licensing, conduct, consumer, prudential, AML/CFT, and operational requirements.

E-Money Institutions – Since 2009, all issuers of prepaid cards, prepaid products and other e-money payment services, which are active in Europe and do not have an own bank licence are requested to get licensed as an e-money institution (EMI) according to the effective EMD. EMI licences include an EU-wide passport allowing for offering e-money issuer services in the EEA.

Supervising authority for payment services is usually the domestic Financial Markets Authority (FMA) on behalf of the respective national central bank or the national central bank itself. The FMAs by EU Member State are the approval bodies for the EMI certification. By choice of the EMI candidate, the certification approval by one of the FMAs in Europe is sufficient to get an EU-wide passport for e-money issuing.

When monitoring the European payments industry, it can be noted that many EMIs have preferred to apply for EMI licences with granted European passports in Luxembourg, Lithuania, or in Malta.

1.2.1 SEPA End-Date Regulation and SEPA Payment Instruments 

The legal basis for SEPA credit transfers and direct debits is Regulation (EU) No 260/2012 (the SEPA Regulation), which established technical and business requirements for credit transfers and direct debits in euro. It set the migration deadlines for replacing domestic euro credit transfer and direct debit schemes in the euro area with the SEPA Credit Transfer (SCT) and SEPA Direct Debit (SDD) schemes. In the euro area, the main migration deadline was 1 February 2014, with a transitional extension by the European Commission until 1 August 2014.

The regulation also introduced harmonised requirements on reachability, IBAN usage, ISO 20022 XML message standards, and the continued legal validity of existing direct debit mandates after migration to SDD. Over time, the use of the BIC was phased out, leaving IBAN as the main account identifier for national and cross-border euro payments.

Although originally known as the SEPA End-Date Regulation, Regulation 260/2012 is now better described simply as the SEPA Regulation, because its importance extends beyond the original migration end-dates. It remains the core legal framework for euro credit transfers and direct debits across SEPA.

A major recent development is Regulation (EU) 2024/886, the Instant Payments Regulation, published in March 2024 and effective from 8 April 2024, which amended the SEPA Regulation to introduce new requirements for instant credit transfers in euro. These changes mean the SEPA framework now covers not only standard SCT and SDD instruments, but also a strengthened legal regime for SCT Inst. Among other things, the new rules require payment service providers in scope to offer the ability to receive instant euro payments, then to send them, to price instant payments no higher than regular credit transfers, and to perform verification of the payee/beneficiary. The rollout is phased, with key euro-area milestones on 9 January 2025 and 9 October 2025, and later deadlines for non-euro-area PSPs.

The current SEPA payment instruments can therefore be described as:

As before, the SEPA Regulation applies to credit transfers and direct debits in euro and does not itself regulate card payments, money remittance, or most online payment instruments as separate categories, although some broader EU payment-services legislation does cover those activities.

1.2.2 The Revised Payment Services Directive PSD2

The original Payment Services Directive (PSD) was adopted in 2007 in order to establish a harmonised legal framework for payment services across the EU. As the payments market evolved, with the growth of e-commerce, mobile payments, digital wallets and new third-party providers, the original framework became outdated. In particular, the different interpretation of certain exclusions and exemptions, including those relating to limited networks and certain telecom-based payment services, created legal uncertainty and inconsistent implementation across Member States. These issues were among the drivers for the adoption of the revised Payment Services Directive (PSD2).

Directive (EU) 2015/2366, commonly known as PSD2, was adopted in November 2015, entered into force on 12 January 2016, and applied from 13 January 2018. It extended and clarified the scope of EU payment services regulation and introduced rules for new categories of regulated providers, including payment initiation service providers (PISPs) and account information service providers (AISPs). PSD2 also strengthened consumer protection, enhanced supervisory convergence, and established the legal basis for Open Banking through regulated access to payment accounts.

The most important practical innovations introduced by PSD2 included:

The legislative background to PSD2 included the European Commission’s 2012 Green Paper on card, internet and mobile payments and the subsequent consultation process, as well as policy discussions on card standardisation, online payments and SEPA governance. These initiatives helped shape the Commission’s legislative proposal published on 24 July 2013, which ultimately became PSD2.

Today, PSD2 remains the core EU legal framework for payment services. However, following its review, the European Commission published a new legislative package in June 2023 proposing a PSD3 and a directly applicable Payment Services Regulation (PSR). These proposals aim to address fraud, improve Open Banking performance, strengthen consumer rights, and further harmonise supervision. Until those proposals are adopted and implemented, PSD2 remains in force.

Within the wider European Economic Area, PSD2 is also relevant beyond the EU. However, it is better not to say that Switzerland has “committed to PSD2” in the same way as EEA countries. The EEA-relevant extension concerns Iceland, Liechtenstein and Norway through the EEA framework; Switzerland is not an EEA member and should be treated separately.

Characteristics of the PSD2 Outlook: PSD3 and PSR 

The adoption of PSD2 has formalised the relationship between banks and trusted payment providers (TPPs) by establishing the Open Banking Mandate providing open access to customer account data and the payments infrastructure. This is expected to stimulate the FinTech market to develop new integrated services models for both consumer and business customers.

This regulation is a reaction to the growing demand from customers as mobile and internet applications have become widely adopted driving expectations in how services should be delivered across all industries.  Other market segments have adopted Open APIs to respond to this demand and shown that innovative applications can grow business and change customer behaviour.

PSD2 has a significant impact on the European payments industry. According to the EC, the revised Payment Services Directive brings several new important elements and improvements to the EU payment market e.g.:

In 2022, the regulator started a PSD2 review process, which may end up in a revised PSD2 dubbed PSD3. While consultations are currently ongoing, the revisions are expected to address the achievements of the PSD2 and evaluate the need for a revised standard.

Proposed EC Revisions to the EU Payment Services Regulation – PSD3 and PSR 

In June 2023, the European Commission (EC) published its proposed revisions to EU payment services legislation, as well as a proposal on Open Finance/data access in the financial services sector beyond Open Banking/payment accounts in the form of a new Open Finance framework called “FIDA”.

Essentially, the EC is proposing that PSD2 would be split into two different instruments. These will ensure consumers can continue to make electronic payments and transactions safely and securely in the EU, domestically or cross-border, in euro and non-euro. Whilst safeguarding their rights, it also aims to provide greater choice of payment service providers on the market:

The objective of the regulation is to enhance harmonisation of the rules and enforcement across the various EU Member States. In addition, the EC proposed to merge the E-Money Directive (EMD2) with the proposed PSD3 and PSR texts, so as to have one coherent regime for both payment services and e-money services, and thereby ensure a level-playing field between PIs and EMIs.

PSD3 also amends the Settlement Finality Directive (SFD) in order to allow non-bank PSPs (e.g. PIs and EMIs) to participate directly in SFD-designated payment systems. Fintechs will be given access to all EU payment systems, with appropriate safeguards, and giving them a right to have a bank account. That way, those non-bank PSPs would no longer need to rely on banks in order to execute payment transactions.

A system to check IBANs and a platform to enable payment service providers to share fraud-related information are two proposals around consumer protection, including an extension to all credit transfers of IBAN/name-matching verification services. These have been proposed by the Commission for instant payments in Euro. All consumers should benefit from them, for both regular and instant credit transfers.

The European Banking Authority (EBA) is given once again a number of mandates under PSD3 and the PSR to prepare draft regulatory technical standards (RTS) and draft implementing technical standards (ITS), ultimately to be adopted by the EC, as well as guidelines, and to continue maintaining the register.

In 2024, significant progress was made in updating PSD2. In April 2024, the European Parliament adopted the European Commission’s proposals for PSD3 and PSR at first reading. While the exact timelines for enforcement are not yet confirmed, it is anticipated that the finalised versions of PSD3 and PSR may become available by 2025.

In 2025, the EU made substantial progress toward finalising PSD3 and PSR, marking the next major phase in the evolution of Europe’s payment services framework. In June 2025, the Council of the EU reached agreement on compromise texts for both legislative instruments, subsequently endorsed by COREPER (the Committee of Permanent Representatives), enabling the start of trilogue negotiations with the European Parliament and the European Commission.

These negotiations aim to align positions on key issues, including liability for payment fraud, direct access of non-bank payment service providers to payment systems, and strengthened consumer protection. Final adoption and publication of the legislative package are expected by late 2025, after which the PSR will apply directly across all EU Member States, while PSD3 will require national transposition within approximately 12–18 months. This means the new framework could come into practical effect during 2026–2027.

The 2025 developments reaffirm the EU’s objective to harmonise payment regulation, enhance security and consumer rights, and create a more competitive and innovative payments landscape across the single market.

1.2.3 Regulatory Technical Standards (RTS) 

In line with the 2026 transition to the Payment Services Regulation (PSR) and PSD3, the European regulatory framework has evolved from the original RTS into a unified Single Rulebook. The PSR, which reached a final political agreement in late 2025 and enters into force in Q2 2026, directly incorporates and enhances the standards for Strong Customer Authentication (SCA) and common secure access.

Under the new mandate, all banks must provide TPPs with access to payment accounts via high-quality dedicated interfaces (APIs). This access is strictly contingent on explicit client permission, provided the TPP holds the necessary PISP or AISP license. Crucially, the PSR resolves previous ambiguities by requiring banks to maintain Permission Dashboards, which give clients real-time visibility and control over which TPPs have access to their data.

The finalisation of the PSR marks a critical milestone by establishing mandatory API performance benchmarks, finally addressing the long-standing “open questions” regarding the testing and reliability of access interfaces. Furthermore, the 2026 standards have refined SCA by extending the re-authentication requirement for account information services from 90 to 180 days, significantly reducing user friction. These updates, alongside the new Verification of Payee (VoP) requirements, provide the clarity needed for firms to move beyond mere compliance and into the era of Open Finance (FiDA).

Strong Customer Authentication (RTS SCA) 

Strong Customer Authentication (SCA) is the core security mandate under the Payment Services Regulation (PSR), evolving from the original standards set out in Commission Delegated Regulation (EU) 2018/389. SCA requires payment service providers to apply authentication based on at least two independent elements drawn from knowledge (something the user knows), possession (something the user possesses), and inherence (biometrics).

The primary purpose of SCA is to reduce fraud and secure electronic payments. In 2026, SCA is deeply embedded in the European market through mobile biometrics, app-based approval flows, and 3-D Secure protocols. Under the current regime, SCA is required when a payer:

A critical refinement in the 2026 framework is the 180-day re-authentication rule, which allows AISPs to maintain account access for six months before requiring a fresh SCA challenge—doubling the previous 90-day limit to improve the user experience. Furthermore, the PSR now mandates SCA accessibility, requiring banks to provide authentication methods that do not exclusively rely on smartphones (e.g., hardware tokens), ensuring digital inclusion for all users.

While SCA has significantly reduced credential-based fraud, EU authorities have now supplemented it with mandatory Verification of Payee (VoP). This system addresses the rise in social engineering and Authorised Push Payment (APP) scams by requiring banks to verify that the recipient’s name matches the IBAN before a payment is authenticated. This makes SCA a vital component of a multi-layered fraud-control strategy rather than a standalone solution.

Risk-based Authentication Approach (RBA) for RTS SCA

Under PSD2, the European Banking Authority (EBA) was mandated to develop Regulatory Technical Standards (RTS) specifying the requirements for Strong Customer Authentication (SCA), related exemptions, and common and secure open standards of communication. These rules were set out in Commission Delegated Regulation (EU) 2018/389, which has applied since 14 September 2019.

The RTS provides several exemptions from SCA, but these are optional for payment service providers, not automatic rights for merchants or customers. The most important exemptions include:

Contactless payments at point of sale
SCA need not be applied where the individual contactless transaction does not exceed EUR 50, provided that either the cumulative amount of previous exempted contactless transactions since the last SCA does not exceed EUR 150, or the number of consecutive exempted contactless transactions does not exceed five.

Unattended terminals for transport fares and parking fees
Transactions at unattended terminals for transport fares or parking fees may be exempt from SCA. This exemption exists for operational and public-interest reasons, such as avoiding queues and safety risks.

Low-value remote electronic payment transactions
For remote electronic payments, PSPs may apply an exemption where the individual transaction does not exceed EUR 30, subject to cumulative thresholds of EUR 100 or five consecutive remote transactions since the last SCA.

Recurring transactions
For a series of recurring transactions with the same amount and the same payee, SCA is required when the series is created, amended, or initiated for the first time, but not necessarily on each subsequent transaction.

Trusted beneficiaries
Payments to payees previously designated as trusted beneficiaries by the payer may be exempt from SCA, subject to the RTS conditions.

Transaction Risk Analysis (TRA)
The RTS also allows PSPs not to apply SCA for certain remote electronic payment transactions where the provider performs a real-time transaction risk analysis and the transaction is considered low risk. This exemption is subject to strict conditions, including fraud-rate thresholds and transaction-value ceilings. Under the RTS, the maximum exemption threshold value is EUR 100, EUR 250 or EUR 500, depending on the payment type and the PSP’s fraud rates.

This is the key point to fix in your current draft: TRA is not the same thing as the low-value exemption. The EUR 30 / EUR 100 / five-transaction rules relate to the low-value remote exemption, whereas TRA is a separate exemption based on risk analysis and PSP fraud performance.

Your current wording also overstates the position for “online banking payments”, “mobile app payments” and “mobile P2P payments”. The RTS does not create separate named low-value exemption categories for each of those channels in the way your draft suggests. The legal tests are framed around remote electronic payment transactions and other specific RTS exemption categories, not around a bespoke list of consumer use cases.

Another update is that the old discussion about the RTS still being under legal review, or the thresholds still awaiting finalisation, is now obsolete. The RTS has been in force for years, and the more recent development has instead been the 2022 EBA amendment relating to account-information access, aimed at reducing friction for AISPs and improving consistency in Open Banking access.

Finally, the broader policy context has moved on. The European Commission’s PSD2 review found that, despite SCA, fraud risks remain and Open Banking still functions imperfectly in some areas. That is one reason the EU proposed PSD3 and a new PSR in 2023.

Open Banking Mandate RTS XS2A – Access to Account

Banks are mandated to open their banking infrastructure via APIs to licensed TPPs. This will allow TPPs to provide account information services and enable payment initiation services. It is important to mention that these services can only be provided if the individual customer or the company serviced by the TTP has given an explicit permission to the TPP to access his account.

PSD2 mandates that the sensitive data exchanged between TPPs and bank is as minimal as possible. PISPs may only receive a Yes/No answer from the consumer’s bank about availability of funds before initiating the payment.

By introducing the Open API concept for Open Banking payment ecosystems, PSD2 sets up new regulatory technical standard rules for accessing bank accounts for TPP players, RTS XS2A. PSD2 mandates all banks to allow TPPs to access bank client payment accounts for information and payment initiation services if, and only if, the bank client has explicitly granted permission to the TPP to initiate such a request and that the TPP has either a PISP license or an AISP license.

Subject to adoption of the regulatory RTS XS2A standard, Open APIs shall be an effective and automated means to enable appropriately licensed TPPs to connect to payment accounts in a secure manner, i.e. without compromising security standards and minimising exposure of sensitive payment and account data.

1.2.4 Card Interchange Fee Regulation (IFR)

On 24 July 2013, the European Commission published its proposal for a regulation on interchange fees for card-based payment transactions. This later became Regulation (EU) 2015/751 of the European Parliament and of the Council of 29 April 2015, commonly referred to as the Interchange Fee Regulation (IFR). The regulation entered into force in June 2015.

The IFR introduced harmonised caps on interchange fees for consumer card transactions in the EU. The cap for consumer debit card transactions is 0.2% of the transaction value, while the cap for consumer credit card transactions is 0.3%. These caps have applied since 9 December 2015.

The significance of the IFR extends well beyond the interchange caps themselves. The regulation also introduced broader rules on merchant charge transparency, the honour-all-cards principle, co-badging and choice of payment application, and the separation of card scheme and processing activities. As a result, it became a central part of the EU legal framework for card payments and card acceptance.

In practice, the merchant’s total cost of card acceptance is not limited to interchange alone. What merchants agree with their acquirer is usually the merchant service charge (MSC) or another pricing arrangement. That overall acceptance cost typically consists of the interchange fee, scheme fees, and the acquirer’s own markup or service charge. It is therefore more accurate to distinguish between interchange, which is the transfer between issuer and acquirer within the card-payment chain, and the total price paid by the merchant for acceptance.

The European Commission’s later reviews have found that the IFR succeeded in reducing interchange fees for in-scope consumer card transactions, but they also noted ongoing concerns about the degree to which savings were passed through, especially to smaller merchants, and about the growing importance of other cost elements, including scheme fees. For this reason, the practical impact of the IFR should be assessed not only through the interchange caps, but through the broader economics of card acquiring and acceptance.

1.2.5 The Open Banking Mandate of the PSD2 

The adoption of the revised Payment Services Directive, PSD2, entered into force on 12 January 2016. The PSD2 introduced new payment services and new types of payment service providers for the digital payment market, and it extended and clarifies the scope of existing payment services.

More important and for the very first time in Europe, PSD2 sets the stage for pan-European Open Banking:

From January 2018, Europe has a unique legal framework for Open Banking, which fully entered into force in September 2019. The PSD2 challenges both the banking industry and the emerging payment service providers, FinTechs.

An irrevocable shift to Open Banking in Europe has become inevitable, and it offers both banks and FinTechs new opportunities to generate differentiation and new revenues.

In parallel, mobile technologies and new consumer demands are rapidly transforming the financial services industry. Europe’s consumers embrace Open Banking and challenge the banking industry. They demand Open Banking services while the FinTechs demand for standardised Open APIs to get authorised access to customer account data and banking infrastructure.

There are three main topics addressed by the PSD2. These topics cover the introduction and regulation of new parties in the digital payment market, setting up new rules trusted payment providers (TPPs) and improving payments security.

1) PSD2 regulates the role of two types of new trusted payment providers (TPPs) and their services.

2) PSD2 sets up the rules for access to the customer’s accounts (XS2A). Banks are mandated to open their core banking infrastructure via APIs to licensed TPPs. This will allow TPPs to provide account information services and enable payment initiation services. It is important to mention that these services can be provided only if the customer has given an explicit permission to the TPP to access his account.

3) Improvement of payment processing security by introduction of Regulatory Technical Standards for Strong Customer Authentication (SCA). SCA is an authentication process that shall include two or more authentication factors. PSD2 mandates the use of SCA when the customer initiates any electronic payment transaction, whether it is to make a payment or access their bank/TPP services.

The technical requirements for the Strong Customer Authentication (SCA) and access to accounts (XS2A) that are defined in PSD2 have own timelines. The European Banking Authority (EBA) is mandated to define necessary requirements for SCA and XS2A in the Regulatory Technical Standards (RTS). The earliest date of the RTS coming into force is 18 months after the RTS is adopted by the EU Commission.

On 28 November 2017, the EBA and the EC had submitted its final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) to The European Parliament and Council. However, the effective date of the RTS was pushed back to December 2020.

However, for the payments industry, the PSD2 requirements regarding the SCA and XS2A can’t be ignored even before the RTS is in place.

Open Banking access directory 

PRETA, the subsidiary of EBA Clearing, is the provider of pan-European payment infrastructure solutions currently owned by 48 shareholder banks.

According to PRETA, its Open Banking Europe received support from over 40 major European financial institutions and service providers. They had signed up to fund and complete PRETA’s pan-European PSD2 Open Banking access directory. Open Banking Europe was acquired by Konsentus in January 2021.

With the delivery of this directory, PRETA’s Open Banking Europe initiative is answering to the market need for a single, standardised, trusted and machine-readable repository of regulatory data related to trusted payment providers (TPPs).

The directory is an important element in enabling access-to-account (XS2A) services. It will also provide operational data for all regulated account-servicing payment service providers (ASPSPs) and TPPs in Europe as well as data on qualified trust service providers (QTSPs), which issue the PSD2 eIDAS certificates needed for the identification of TPPs.

Background – PRETA’s objective is to ensure the protection of the individuals’ digital identities and empower them with secure and simple solutions for their online and mobile activities. PRETA has a pan-European perspective and encourages the collaboration of all players – from payments industry authorities to businesses, government and system integrators – to drive forward the European digital economy and Digital Single Market.

1.2.6 General Data Protection Regulation (GDPR) 

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU). Since the Regulation applies regardless of where websites are based, it must be heeded by all sites that attract European visitors, even if they don’t specifically market goods or services to EU residents.

Adopted in April 2016, the Regulation came into full effect in May 2018, after a two-year transition period. The GDPR replaces the Data Protection Directive 95/46/EC and is designed to:

The GDPR mandates that EU visitors to all websites must be given a number of data disclosures. Sites must also take steps to facilitate such EU consumer rights as timely notification in the event of personal data being breached (breach notification). Among others, the GDPR mandates the user’s right to access its data and the right to be forgotten. In addition, the conditions for consent have been strengthened, and companies are no longer able to use long, illegible terms and conditions full of legalese. Also, it must be as easy to withdraw consent as it is to give it.

1.2.7 eIDAS Regulation and Digital ID Trends 

The electronic Identification, Authentication and Trust Services regulation (eIDAS) is a set of EU standards and regulations for electronic identification and trust services for electronic transactions in the European Single Market. It was established in the EU Regulation as of 23 July 2014, relating to electronic identification, and repeals directive 1999/93/EC from December 1999. It entered into force on 17 September 2014 and applies from 1 July 2016 except for certain articles, listed under its article 52.

In June 2021, the European Commission proposed an update to eIDAS that will enable every European to have a set of digital identity credentials recognised anywhere in the EU. In May 2024, Regulation (EU) 2024/1183 entered into force, formally establishing the European Digital Identity (EUDI) Wallet under the revised eIDAS 2.0 framework. The regulation requires all EU Member States to provide at least one interoperable digital identity wallet within 24 months of the adoption of the implementing acts, placing the expected rollout across the EU by late 2026.

Throughout 2025, the European Commission has continued to issue implementing regulations defining the wallet’s technical architecture, certification procedures, and security requirements. The framework embeds privacy-by-design, data minimisation, and user consent principles, ensuring data remains under user control and stored locally on the user’s device.

Pilot projects launched between 2023 and 2025 have been finalising testing across Member States to validate interoperability, usability, and cross-border functionality. From 2026 onward, public and private entities that require strong electronic identification will be expected to recognise and accept the EUDI Wallet for secure authentication and digital transactions across the EU. Many digital ID schemes operate based on super-secure passwords and/or mobile apps confirmed by a second factor, either passwords or one-time token or biometric factors such as fingerprints.

Digital ID in Europe has been proliferating rapidly in recent years. To date, both the nature of these schemes and their application have varied widely – for example, BankIDs in the Nordics being used to support instant payments and the delivery of harmonised government services.

The EU also confirmed in June 2021 that it is to introduce a European Digital Identity Wallet that will enable citizens to link their national digital identity with other personal attributes and will be recognised in all 27 EU member states.

eID platform initiative – In May 2017, a group of European companies including banks, vehicle manufacturers and technology providers signed a “corresponding declaration of intent” to establish a joint, pan-industry platform that will let their customers use a so-called “master key” for registration and identification when accessing online services across a range of sectors including government, aviation and retail.

Biometric Authentication Services

As a form of digital identity, biometric factors have been gaining ground across Europe in recent years, especially since the EU mandated their use for national ID cards and passports from August 2021.

In the payments industry, European banks and other account servicing payment service providers (ASPSPs) have started to support new biometrics technology companies that will develop client identification and authentication systems. They will be dedicated to the research and development of software for the digital verification and authentication of personal identity, through facial, voice, image or document recognition, or fingerprint reading.

With the EU regulator’s decision to mandate Strong Customer Authentication (SCA) as part of the revised payment services directive, PSD2, biometric authentications look set to grow further in importance as part of the payments landscape.

Companies such as Sweden’s Fingerprints (for online payment ID) and the UK’s Fingopay (for physical payments) have pioneered their use in P2P and P2B transactions, while some national ID schemes such as BankID in the Nordics and nemID now include biometric factors alongside PIN in their log-in processes.

Fingerprints (Sweden): Continues to lead development of biometric sensors, especially for fingerprint-enabled payment cards and mobile devices in Europe, supporting both remote (online) payment ID and card-based transactions since 2025.

Fingopay (UK): Specialises in vein recognition systems for physical payments, with deployments in retail, hospitality, and transport, pioneering biometric authentication for point-of-sale transactions and peer-to-peer (P2P) settings.

National ID Schemes: Nordic BankID services (Sweden, Norway) and Denmark’s NemID (transitioning to MitID) now commonly offer biometric log-in options—such as face and fingerprint authentication—alongside traditional PIN/password, used for identification in financial, public, and private sector services.

Biometric Authentication in European Payments

Mandatory Biometric ID in 2021: The EU’s mandate for biometric factors in national ID cards and passports (effective August 2021) remains pivotal, but since October 2025, the EU Entry/Exit System (EES) now also requires non-EU travellers to provide fingerprints and facial images at Schengen borders, expanding the scope of biometric use beyond citizen documentation to cross-border controls.

Visa Payment Passkey and FIDO2: New biometric authentication solutions have launched. For example, Visa Payment Passkey (integrating FIDO2 standards) eliminates passwords/OTPs in favour of on-device biometrics (fingerprint/face/PIN). This is now being deployed by PSPs across both online and physical commerce, streamlining checkout and reducing fraud.

Technology, Regulation & M&A: The biometrics market is highly concentrated among leading tech firms and banks, with rising mergers and acquisitions. PSD2’s Strong Customer Authentication (SCA) mandate continues to accelerate biometric adoption, driving development of multi-factor authentication—including behavioural biometrics and integrated biometric sensors on payment cards.

Contactless & In-App Advances: Biometric authentication is now standard for unlocking mobile wallets, accessing payment apps, in-app payment approvals (e.g., Apple Pay biometric authentication), contactless biometric cards using integrated fingerprint sensors, and biometric cash withdrawals via finger vein scanners in ATMs.

Additional Trends and Initiatives for 2025

Behavioural Biometrics: Adoption of behavioural biometrics (monitoring patterns of user behaviour) is growing fast, offering adaptive fraud prevention that goes beyond static physical templates.

Consolidation and Partnerships: Major banks, fintechs, and tech providers are acquiring smaller biometric firms to gain advanced capabilities and expand market reach.

Regulatory Drivers: PSD2, Open Banking, EIDAS, and AML regulations are all directly boosting biometric authentication deployment.

Mastercard Identity Check – Mastercard launched Identity Check in October 2016, pioneering biometric authentication for online card payments across much of Europe. 3D Secure (EMV 3DS) is the framework enabling these secure authentications, often using SMS codes, push approvals, or biometrics (fingerprint/face).

Since 2024, Mastercard has expanded Identity Attribute Verification services, integrating them with new European Digital Identity Wallet pilot programs. This supports not only consumer-to-merchant payments but also richer identity checks (age, address), further reducing friction without compromising security.

Today, 2-factor authentication for Mastercard payments may use one-time codes, fingerprint/face recognition in mobile apps, and sometimes dedicated hardware or behavioural biometrics, complying with PSD2’s Strong Customer Authentication (SCA) mandate.

Mastercard Identity Check (EMV 3-D Secure) is supported in all European Economic Area (EEA) countries, the United Kingdom, and most other European markets, along with global acceptance in North America, APAC, and Latin America through Mastercard’s international network.

For Europe specifically, this means Mastercard Identity Check is available in at least 30 countries (all EEA states plus the UK, Switzerland, and several others). The number continues to grow with compliance expansion and global merchant adoption.

Payments-specific biometric initiatives are included in the individual country profiles of the Yearbook.

1.3 Competing Payment Ecosystems

This chapter provides a brief introduction into three competing payment ecosystems in Europe:

Cash payments, card payments and cardless payments directly from bank accounts are all relevant for merchants and heavily used by consumers.

All payment services in Europe are based on the legal framework for payment services of the European Commission effective in the European Economic Area (EEA) and the national regulators in non-EEA countries.

Social Cost of Retail Payment Instruments 

The use of different retail payment instruments has important economic implications for society. The European Central Bank’s landmark 2012 study on the social and private costs of retail payment instruments in 13 European countries estimated that the social costs of providing retail payment services amounted to almost 1% of GDP across the sample. It found that around half of these social costs were incurred by banks and payment infrastructures, while retailers accounted for a very large share of the remainder. The study also concluded that, on average, cash had the lowest unit cost per transaction (€0.42), followed by debit cards (€0.70), while instruments such as cheques were significantly more expensive.

However, this evidence should now be treated as a historical benchmark rather than a current picture. The ECB’s 2022 Occasional Paper reviewing newer national studies stressed that the 2012 pan-European study was based on 2009 data and remains the only Europe-wide source of that type, but that more recent national evidence points to important changes in the cost structure of retail payments. In particular, the ECB found that in countries such as Denmark, Italy, Poland and Portugal, the overall social costs of retail payments relative to GDP had declined over time, suggesting that the ongoing shift towards electronic payments has made retail payments less costly overall in many markets.

The same 2022 ECB review found that the unit costs of debit card payments have decreased over time, and that the gap between the unit costs of cash and debit cards has narrowed materially. In some countries, debit card payments were already cheaper than cash on a per-transaction basis, reflecting economies of scale as card usage increased. The ECB explicitly linked this to changing payment habits, especially the migration from cash to electronic payments.

That means the older formulation that “cash payments are nearly half of the total social costs” needs qualification. It was valid in the context of the 2012 study, when cash remained very heavily used, but the European payments landscape has changed markedly since then. Recent ECB payment statistics show that card payments accounted for 57% of the total number of non-cash transactions in the euro area in the first half of 2025, while credit transfers accounted for 22%, direct debits 14% and e-money payments 6%. This underlines how much the transaction mix has shifted toward electronic instruments.

Your comments on economies of scale still broadly stand, but they can now be made more confidently and with newer support. The ECB’s 2022 review concluded that rising usage of debit cards, which carry relatively high fixed costs but lower marginal costs, has reduced their unit costs relative to cash. So the key current message is not simply that cash was once cheapest on average, but that the relative efficiency of payment instruments changes as volumes migrate and scale increases.

The 2016–2025 discussion in your draft also needs tightening. It is reasonable to say that the IFR reduced debit-card interchange caps, but it is too speculative to infer from that alone that social costs across Europe in 2025 remain essentially as indicated by the 2012 ECB study. What can be said more safely is that later ECB work and national studies suggest a continued shift toward electronic payments, lower relative costs in several countries, and narrowing cost differences between cash and debit cards. Concerns about rising scheme fees and merchant acceptance costs may still be relevant commercially, but they are not the same thing as a Europe-wide measure of social costs.

1.3.1 Cash Payment Ecosystem

In 2020, the European cash payment ecosystem was composed of traditional cash payments, unregulated digital cryptocurrency products of independent payment service providers and the future segment of central bank digital currencies, CBDC.

The regulators and the national central banks are challenged by unregulated independent cryptocurrency products. The regulators consider regulated digital currencies such as a digital euro instead.

This chapter of the Yearbook is the only chapter that provides basic information about cash payments.

Use of Cash in Europe

Cash remains an important retail payment instrument in Europe, although its role has continued to decline as card and other electronic payments have expanded. In the euro area, the European Central Bank’s survey evidence shows that cash is still widely used, especially for smaller purchases, but it no longer dominates point-of-sale transactions to the same extent as in the past. In 2016, cash accounted for 79% of point-of-sale transactions in the euro area; this fell to 72% in 2019, 59% in 2022 and 52% in 2024. In value terms, the share of cash at the point of sale declined from 54% in 2016 to 39% in 2024.

Card payments have gained significant ground over the same period. In 2016, cards accounted for 19% of point-of-sale transactions in the euro area; by 2024 their share had risen to 39%. The ECB also reports growing use of mobile app payments at the point of sale, which reached 6% of transactions in 2024.

The earlier country-by-country picture should now be treated as historical rather than current. The ECB’s 2016 study showed major differences across euro area countries, with particularly high cash usage in several southern European markets as well as Germany and Austria, while countries such as the Netherlands and Finland recorded much lower cash shares. Since then, however, the broader direction of travel has been a continued shift towards digital payments across the euro area.

The pandemic-era decline in cash use can now be described with observed evidence rather than forecast. ECB survey results published in December 2024 show that cash remained the most frequently used means of payment at the point of sale in the euro area in 2024, but only narrowly, and its share continued to fall as consumers increasingly used cards and digital methods. At the same time, cash remains socially and commercially important: 62% of euro area consumers considered it important or very important to have cash as a payment option, even though 55% preferred cards and other cashless means in shops, compared with 22% who preferred cash.

Overall, the current picture is that cash remains significant in Europe, particularly for lower-value purchases and as a valued fallback payment option, but its transactional share has fallen substantially over the past decade as cards and other electronic payment methods have become more common.

1.3.2 Card Payment Ecosystem 

The European card payment ecosystem has a competitive decentralised infrastructure. The adoption of the revised Payment Services Directive, PSD2, has set the stage for Digital Card Payments in Europe.

PSD2, disruptive technologies and the competing Open Banking payment ecosystem challenge the card payments industry in Europe. On the other hand, they are accelerating digital payment transformation and mobile payment services.

Contactless plastic cards, virtual cards for internet use, and mobile HCE NFC payments with cards are mainstream in Europe. This includes mobile card payments with Apple Pay, Google Pay and Samsung Pay.

The card payment ecosystem in Europe is composed of four-party card schemes, three-party card schemes and supporting payment service providers such as card issuers, card acquirers, card processors and payment technology suppliers.

Many domestic card schemes in Europe and the international card schemes Mastercard and VISA are four-party schemes composed of cardholders, card issuers managing the card account, merchants and card acquirers managing the merchant account. The four-party schemes are not card issuers and not card acquirers.

American Express, Discover and JCB are three-party card schemes in Europe serving cardholders and merchants. These schemes take the issuer role and the acquirer role in Europe supported by sales agreements with supporting payment service providers such as card acquirers.

An important feature of the European card market has been the central position of domestic interbank payment organisations and service providers, of which there have been one or more in nearly every market. The other important feature is the strong position of domestic card schemes and their supporting domestic banks in the countries of the European Economic Area (EEA).

From 2015, cross-border competition and digital payment strategies are driving the ongoing consolidation process in the payments industry in Europe and worldwide. Even more, card payment service providers continue to invest in digital payment transformation for several good reasons.

The latest challenge for card payment service providers is Open Banking payment services. In line with the digital market strategy of the European regulators and PSD2, there is an emerging cardless Open Banking payment ecosystem with new types of cardless payment service providers.

For more details about the card payments industry in Europe please refer to another part of the overview section: Card Payment Ecosystem.

For more details about market dynamics at an Issuer level and at Acquirer level, please refer to other sections of the European overview section: Card Payments Overview and Card Acquiring and Acceptance.

For more details at country level, please refer to the individual country profiles of the Yearbook, which have been updated in the light of the new European context.

1.3.4 Open Banking Payment Ecosystem 

In the Yearbook, the Open Banking payment ecosystem excludes retail banking, banking services of banks with clients, and Open Finance but includes non-card digital payments made by account holding consumers for their purchases at merchants, the non-card payment technology, and the supporting payments industry.

The Open Banking payment market has a competitive decentralised infrastructure. The adoption of the revised Payment Services Directive (PSD2) has set the stage for Open Banking Payments in Europe.

PSD2, disruptive technologies and the competing card payment ecosystem, challenge the European banks and the emerging Open Banking payment ecosystem in Europe. On the other hand, they accelerate digital payment transformation and mobile payment services account-to-account (A2A).

The Open Banking payment ecosystem in Europe is composed of account servicing payment service providers (ASPSPs), payment initiation service providers (PISPs), account information service providers (AISPs), interbank organisations managing digital payment schemes, digital payment processors, and supporting digital payment technology suppliers.

Innovative European banks push digital banking and domestic mobile payment service apps, which enable digital credit transfers directly from bank accounts of participating banks.

In several European countries, there are new bank backed interbank organisations, which operate domestic IBAN-based credit transfer payment services as 4-party models with intended option to add instant payments and mobile P2P payments to the service.

Encouraged by the ECB, leading European payment service providers announced the launch and support for a European-wide cardless digital payment scheme based on instant payments.

In the tradition of successful domestic card scheme businesses, the innovative domestic banks in several European country have launched cardless IBAN-based credit transfer payment services fit for the digital economy and addressing the digital payment demands of consumers and innovative merchants.

With a digital payment strategy in mind, they combined digital banking technologies and existing IBAN-based payment instruments with the objective to launch digital payment services with use cases for in-store payments and online payments.

In several European countries, there are new bank backed interbank organisations, which operate domestic IBAN-based credit transfer payment service 4-party models with the intent to add instant payments and mobile P2P payments to the service.

For more details about the cardless payments industry in Europe please refer to another overview section of the Yearbook edition 2025-26: Open Banking Payment Ecosystem.

For more details at country level, please refer to the individual country profiles of the Yearbook edition 2025-26, which have been updated in the light of the new European context.

Open Banking in Europe

From January 2018, Europe has a unique legal framework for Open Banking, which fully entered into force in September 2019. The PSD2 challenges both the banking industry and the emerging payment service providers, FinTechs.

An irrevocable shift to open banking in Europe has become inevitable, and it offers both banks and FinTechs new opportunities to generate differentiation and new revenues.

In parallel, mobile technologies and new consumer demands are rapidly transforming the financial services industry. Europe’s consumers embrace open banking and challenge the banking industry. They demand for Open Banking services while the FinTechs demand for standardised Open APIs to get authorised access to customer account data and banking infrastructure.

Since the initial implementation of the legal framework in 2018, Europe has witnessed an irrevocable shift toward open financial ecosystems. As of early 2026, the industry is transitioning from the original PSD2 to the Payment Services Regulation (PSR) and PSD3. This new regulatory “Single Rulebook” addresses the technical frictions of the past, mandating higher API performance and more robust consumer protections.

Open Banking is no longer just a challenge for incumbents; it is a matured reality where banks and FinTechs collaborate to generate new revenue streams. Driven by the Instant Payments Regulation and the rise of Variable Recurring Payments (VRPs), consumers now demand real-time, automated financial services as a standard.

The Evolution of Open Banking

Today, Open Banking has evolved into a broader “Open Finance” movement (governed by the FiDA framework), which refers to:

Broadening the Scope

While Open Banking began with IBAN-based payments and account information, the 2026 landscape—driven by the Financial Data Access (FiDA) regulation—expands into “Open Finance.” This impacts both retail and corporate segments, spanning:

The Strategic Pillars (EBA 2026)

According to the European Banking Authority (EBA), the key dimensions of this evolution are now fourfold:

  1. The Driver: Direct regulation (PSR/FiDA) and the “Savings and Investment Union.”
  2. The Enabler: Standardized API technology and Digital Identity (EUDI Wallets).
  3. The Asset: High-quality, real-time financial data.
  4. The Safeguard: Mandatory Verification of Payee (VoP) and enhanced fraud liability shifts to protect the ecosystem.

Open Banking in 2026 is characterized as a technology-driven evolution of the entire financial industry, providing customers with total transparency and granular control over their digital assets and personal data.

Open Banking Use Cases

Open Banking use cases identified in the European markets are composed of banking services, payment services, personal finance management services (PFM) and complementary value-added services. For illustrative reasons, selected use cases for individuals are listed here:

Open Banking Challenges 

The adoption of the revised Payment Services Directive, PSD2, has set the stage for Open Banking in Europe, a European Open Banking Mandate with significant impact on the financial services industry. PSD2 challenges for banks and FinTechs include Open Banking, Open APIs, and the rollout of digital payment services and mobile apps.

PSD2 lowered the barriers for market entry to third-party service providers, FinTechs, and it opened the doors for innovative players to offer services that did not exist, e. g. account information services, third-party personal finance management, digital identity, and KYC.

PSD2 has changed the European payment and banking landscape and ultimately the position and role of banks in the digital payment ecosystem. FinTechs drive the change with the banking industry still seeking the right strategy.

Post-PSD2, the key question for the financial service industry will be how to grant authorised access for their FinTech partners to bank account information, for instance secure access to account balance, payment data, credit risk and others.

For banks, the impact of the PSD2 is that they are no longer the only ones that have access to the bank customer information. Bank customers will now decide who they want to grant access to their payment information. Alongside this initiative, with new services based on access to bank accounts (XS2A), banks may lose the direct connection to their customers. To maintain their position in the new PSD2 reality, banks will need to adapt their business and operational models.

By end-2025, notable challenges for the European banking industry include:

1.4 Overview of Cashless Payments in Europe 

The number of cashless payments and especially card payments vary significantly between European countries. For more details about market dynamics in a single country, please refer to other parts of the European overview section: Card Payments Overview and Card Acquiring and Acceptance.

For more details at country level, please refer to the individual country profiles of the Yearbook, which have been updated in the light of the new European context.

According to the ECB, in 2024, around 52% of all payments at POS were made with cash, 39% with cards and 6% with mobile payments. In terms of value, cards have overtaken cash as the dominant payment method. Card payments now represent 45% of the total value of transactions, while cash accounts for 39%.

This chapter provides a brief overview of regional cashless payments in 33 European countries (EU27, UK, Norway, Iceland, Switzerland, Turkey and Serbia) covered in the Yearbook but excludes cash payment.

In 2024, card payments accounted for 65.86% of all cashless payments in the EU33, compared to 60.60% across the EU27 in 2024. They showed a 16.15% compound annual growth rate (CAGR) in the last five years.

Credit transfer (23.95%) and direct debits (9.47%) are the other significant cashless payment instrument in Europe. Cheque use (0.42%) is marginal. Cheques are used for one-off, high-value payments such as property purchases.

In 2024, there were 382.97 cashless payments per capita, up by 9.65% from 2023. They were composed of 252.98 card payments per capita, 91.99 credit transfers per capita, 36.39 direct debits per capita, and 1.61 cheque payments per capita.

4 - Cashless Payment Transactions in 33 European Countries
20202021202220232024GR 23/24CAGR 5Y
Card payments (m) 95,746.3 112,917.3 120,590.7 142,676.2 158,712.7 11.24%16.15%
Cheque payments (m) 1,583.7 1,456.6 1,387.0 1,150.9 1,008.8 -12.35%-18.00%
Credit transfers (m) 40,107.4 44,623.7 42,271.3 51,617.6 57,712.9 11.81%11.69%
Direct debits (m) 22,956.9 24,254.1 22,669.0 22,108.3 22,831.2 3.27%-1.89%
Other payment services (m) 1,283.4 1,314.6 720.9 782.2 728.9 -6.81%-15.89%
Total cashless payments (m) 161,677.7 184,566.2 187,638.9 218,335.2 240,994.4 10.38%11.82%
Total card payments per capita 154.43 181.76 193.66 229.05 252.98 10.45%15.67%
Total cheques issued per capita 2.55 2.34 2.23 1.85 1.61 -12.97%-18.34%
Total credit transfers per capita 64.69 71.83 67.88 82.87 91.99 11.01%11.22%
Total direct debits per capita 37.03 39.04 36.40 35.49 36.39 2.53%-2.30%
Total cashless payments per capita 258.70 294.98 300.17 349.25 382.97 9.65%11.57%
Note: card payments include e-money purchases. Other payment services include remittances, transactions via telecommunication or IT devices, and few OTC.
Note: Other payment services include remittances, transactions via telecommunication, digital or IT devices, and cashless OTC cash withdrawals and deposits.
Note: payment data is for 33 countries: EU27 + UK, Norway, Iceland, Switzerland, Turkey and Serbia.
Source: ECB, national central banks, PCM research.

Cards and Card Use – Across the 33 European countries covered by the Yearbook, there were 1,525.2 million cards in circulation at the end of 2024, up 6.98% from 2023, of which 67.0% were debit cards and 33.0% were credit cards and delayed debit cards. On average, there were 1.94 payment cards per capita in the EU27 countries.

In 2024, there were 165.32 billion card payments in the E33 countries, an increase of 11.63% compared to 2023. There was an average of 264.1 card payments per capita.

The value of card payments across the E33 countries rose by 11.87% to €5,842.6 billion by the end of 2024, up by 9.89% over the five years since 2020. The calculated Average Transaction Value (ATV) per card payment declined to €35.34 down by 0.21% from 2023, reflecting more lower-value payments with contactless cards.

5 - Selected Regional Card Payment Summary
20202021202220232024GR 23/24CAGR 5Y
Total cards in the European E33 countries (m)1,177.11,216.91,320.41,425.61,525.26.98%6.33%
- thereof debit cards (m)813.6860.4892.4954.51,021.77.05%5.84%
- thereof credit cards and/or delayed debit cards (m)358.9352.7370.0390.0402.73.25%2.92%
Average payments per card per year80.9 92.9 101.1 103.9 108.4 4.34%4.97%
Payment cards per capita (EU28/EU27 (2020+))1.651.721.851.811.947.19%4.38%
Debit cards in % of cards total69.1%70.7%67.6%66.9%67.0%0.06%-0.46%
Card payments in the E33 countries (m) 95,178.4 113,033.3 133,535.2 148,099.7 165,320.9 11.63%11.62%
Value of card payments in the E33 countries (€bn)3,568.7 4,144.2 4,806.3 5,222.9 5,842.6 11.87%9.89%
ATV per card payment€37.49€36.66€35.99€35.27€35.340.21%-1.55%
Card payments per capita153.5182.0214.4236.6264.111.63%11.38%
- thereof debit card payments per capita121.9145.4171.8188.2208.110.58%11.74%
- thereof credit card and delayed debit card payments per capita31.636.642.848.653.39.62%8.93%
Note: around 29.5% of all cards in the E33 region are of type credit card and/or delayed debit card.
Source: Yearbook Research (European E33 countries).

Calculated Indication of Online Payment with Cards – The indication of online payments with cards is calculated by subtracting POS payments from the total of card payments. Although different cross-border payment may have impact on the calculated indication, it provides a basic view on online card payments.

In 2024, there were 26.75 billion online payments with cards in the E33 countries, an increase of 46.38% from 2023 (CAGR: 27.04%). There was an average of 42.7 online card payments per capita.

The value of online payments with cards across the E33 countries increased by 68.21% to €1,549.8 billion by the end of 2024 (CAGR: 34.00%). The calculated Average Transaction Value (ATV) per online card payment increased to €57.92, up by 14.91% from 2023.

More interesting to note is that the market share of online card payments by number and by value accounted for 16.2% and 26.5% of the total card payments in the 33 countries covered in the Yearbook, respectively.

Note: online card payments are only a one part of the total digital payments in online shops as cardless online payments and traditional deferred payments are not included in the calculated indication.

6 - Online Payments with Cards in 33 European Countries - Calculated Indication
20202021202220232024GR 23/24CAGR 5Y
Online card payments in the E33 countries (m) 10,022.8 13,402.3 10,527.7 18,278.8 26,756.7 46.38%27.04%
Value of online card payments in the E33 countries (€bn)453.7663.5658.7921.41,549.868.21%34.00%
ATV per online card payment€45.27€49.51€62.57€50.41€57.9214.91%5.48%
Online card payments per capita16.221.616.929.242.746.38%26.74%
Online card payments in % of total card payments10.5%11.9%7.9%12.3%16.2%31.13%13.81%
Online card payments value in % of total card payments value12.7%16.0%13.7%17.6%26.5%50.37%21.94%
Note: figures are for online card payments in domestic online shops and cross-border abroad.
Note: Online Payment numbers are calculated as difference of total card payments minus POS payments.
Source: Yearbook Research (European E33 countries).

POS Terminals and POS Payments – In 2024, the POS terminal base across the E33 countries grew by 7.25% to 29.89 million.

The total number of POS payments was 138.56 billion. There was an increase of 6.73% compared to 2023, compared to the CAGR of 9.67% seen over the last five years. On average, there were 220.9 POS payments per capita each year, with a statistical POS ATV of €30.98 across the E33 countries. Naturally, the POS ATV varies by country and reflects national payment habits.

7 - POS Payment with Cards in Europe
20202021202220232024GR 23/24CAGR 5Y
POS terminals (000s) in E33 region 19,874.1 21,132.2 25,289.7 27,875.5 29,896.3 7.25%8.94%
Ø Number of TXs per POS per month357.1392.9405.3388.1386.2-0.48%0.67%
POS payments (m) 85,155.6 99,631.1 123,007.5 129,820.9 138,564.3 6.73%9.67%
Value of POS payments (€bn) 3,115.0 3,480.7 4,147.6 4,301.6 4,292.9 -0.20%5.48%
ATV per POS payment€36.58€34.94€33.72€33.13€30.98-6.50%-3.82%
POS payments per capita per year137.3160.4197.5207.4220.96.51%9.37%
POS terminals per 1 million capita (E33)32,054.634,028.640,607.644,524.247,653.07.03%8.65%
POS terminals per 1 million capita (EU28/EU27 (2020))31,480.334,817.042,741.747,601.150,869.16.87%14.20%
Note: figures are for card payments at POS terminals made with domestic cards and with cards issued abroad.
Source: Yearbook Research (E33 countries).

ATMs and Cash Withdrawals with Cards – The number of ATMs continued to decline, with 381,231 ATMs across the E33 countries covered in the Yearbook. This decline of -2.47% from 2023 compares with a CAGR decline of -3.26% in ATM numbers over the last five years. The number of cash withdrawals per ATM each month amounted to an average of 2,157.9 withdrawals.

In Europe, there is a medium-term trend of declining ATM installations owing to bank mergers, branch closures, more shared ATM networks and the higher use of cards. In 2024, ATM density was 607.7 ATMs per million inhabitants of the E33.

Total number of cash withdrawals across all E33 countries covered in the Yearbook showed an overall decline of -2.96% from 2023 and a compound annual growth rate decline of -5.71% over the last five years. There were 9.87 billion cash withdrawals performed across the E33 countries. In 2024, there were 15.7 withdrawals on cards per capita.

The total value of cash withdrawals on cards decreased overall by 0.16% from 2023, representing a low compound annual growth rate of -0.94% between 2020 and 2024. A total of €1,718.3 billion was withdrawn from ATMs across in the region in 2024, with the ATV per withdrawal being €174.06.

8 - ATM Cash Withdrawals with Cards in Europe
20202021202220232024GR 23/24CAGR 5Y
ATM Terminals in E33 region427,011416,977397,427390,869381,231-2.47%-3.26%
Ø Number of TXs per ATM per month1,939.41,946.72,147.82,168.82,157.9-0.50%-2.53%
ATM cash withdrawals (m) 9,938.0 9,740.8 10,243.2 10,172.6 9,871.7 -2.96%-5.71%
Value of ATM cash withdrawals (€bn) 1,533.4 1,558.9 1,632.2 1,721.0 1,718.3 -0.16%-0.94%
ATV per ATM cash withdrawal€154.29€160.04€159.34€169.18€174.062.88%5.05%
ATM cash withdrawals per capita per year16.015.716.416.215.7-3.16%-5.96%
ATMs per 1 million capita (E33)688.7671.4638.1624.3607.7-2.67%-3.53%
ATMs per 1 million capita (EU28/EU27 (2020+))685.3678.8641.3628.4610.2-2.90%-4.01%
Note: figures are for cash withdrawals at ATMs made with domestic cards and with cards issued abroad.
Source: Yearbooks Research (E33 countries).

1.5 Overview of Cashless Payment Services in Europe

Card payments by number are statistically the cashless payments instrument in Europe (see above chapter 1.4). Contactless card payment services and mobile HCE NFC payments with cards are mainstream in Europe.

With the advent of Open Banking payments however, payment initiation services enable account holding consumers to pay with their mobile banking app or a mobile payment app directly from the account in online shops and 1D-barcode or QR-code initiated in-store at POS devices in retail outlets.

For more details about the card payment services please refer to the overview section Card Payment Ecosystem.

For more details about the cardless payment services please refer to the overview section part Open Banking Payment Ecosystem.

For more details at country level, please refer to the individual country profiles, which have been updated in the light of the new European digital payment context.

About Cards, Digital Card and Digital Wallets

Contactless plastic cards, virtual cards for online use, and mobile NFC payments are the primary standards in Europe. While Apple Pay, Google Pay, and Samsung Pay remain dominant, they now face competition from the Wero wallet (launched by the European Payments Initiative), which has integrated national systems like iDEAL (Netherlands) and Bizum (Spain) into a unified account-to-account (A2A) payment rail.

  1. Transition of Card Brands

The branding of European cards has undergone a major consolidation:

  1. Digital Form Factors & The DMA Shift

The technology underlying mobile payments has moved beyond basic cloud-stored credentials to sophisticated Network Tokenization.

  1. Advanced Contactless Form Factors

While smartwatches have become a mainstream payment device, other wearables like NFC rings and smart bracelets have seen 24% year-on-year growth. Conversely, legacy form factors such as NFC stickers and mini-cards have largely become niche products as mobile-integrated wallets and biometric “Tap to Phone” (SoftPOS) technologies became ubiquitous.

Card Payment Checkout Types 

Historically, cards were just used for POS payments replacing cheques and cash, for cash withdrawals at ATMs and MOTO payments for distance selling purposes.

With the event of online commerce, the card schemes enabled their cards for online, e-commerce payments. However, several domestic card schemes such as Germany’s girocard cards were not capable to make the switch to online payments and digital commerce.

Thanks to digital card technologies, cardholders in Europe are now able to pay at contactless POS terminals in retail outlets, pay for purchases in online shops and in-app or pay mobile HCE NFC at contactless POS terminals in-store.

In 2025, the card payment checkout types supported by the card payment industry include:

Classification of Card Payment Services 

Cards with payment function and PIN authentication are the new normal in Europe. Contactless payments for purchases below a predefined contactless limit are without PIN and without transaction receipt.

Online card payment authentication requires a one-time valid 3D-Secure token. However, many online merchants do not demand 3D-Secure authentication in their online shop so far.

In addition, dynamic currency conversion services (DCC) are offered as value added service to merchants.

In 2025, the typical card payment services offered in Europe include:

Classification of Cardless Payment Services 

In Europe, there are more than 80 digital IBAN-based credit transfer payment services and immediate payment services. They are either domestic 4-party models operated by an interbank organisation, mono-line service of a large bank, or independent 3-party models of a PISP.

The cardless digital payment services in the euro countries are based on the SEPA payment instruments SCT, SDD and SCTINST. The cardless digital payment services in countries with non-euro currencies such as the UK, four Nordic countries and the central eastern Europe countries from Poland to Bulgaria are based on domestic payment instruments for credit transfers and immediate payments.

From a mobile payment app user perspective, checkouts for IBAN-based digital payments include:

From August 2014, all euro-denominated IBAN-based digital payment services in the euro countries are based on the SEPA payment instruments:

From a mobile payment app user perspective, IBAN-based payment service use cases include:

The Evolution of Deferred Payment Services 

In the past, traditional deferred payments (like invoice or COD) were manual workarounds for a lack of digital trust. Today, these services have been “digitally reborn” and are now strictly governed by new EU and UK laws that treat them as formal financial products.

  1. BNPL is Now “Regulated Consumer Credit”

The biggest update since your original text is the November 2026 deadline for the EU Consumer Credit Directive (CCD2).

  1. From “Invoice” to “Request to Pay” (R2P)

Traditional “Payment on Invoice” is being replaced by Request to Pay. Instead of a PDF invoice, the merchant sends a digital “payment request” directly to the user’s banking app.

  1. Cash on Delivery (COD) in a Digital World

While COD remains a strategic tool for “trust-sensitive” customers (particularly in Central and Eastern Europe), it has become an operational strategy rather than a primary payment method. In 2026, it is often paired with SMS/Digital Identity verification to reduce the high rate of “delivery refusals” that plagued the model in the early 2020s.

  1. The Role of the EU Digital Identity Wallet (EUDIW)

A major 2026 catalyst is the EUDI Wallet. This allows customers to instantly share their “creditworthiness” or “identity” attributes at checkout. This has effectively solved the “disclosure risk” mentioned in your text; customers can now prove they are a “trusted buyer” without handing over sensitive card or bank credentials to every individual merchant.

1.6 Types of Regulated Payment Service Providers 

Based on their expertise with payment services and disrupting technologies for decades, most payment service providers in Europe and worldwide have a clear view on digital payment transformation for the digital economy.

From 2015, cross-border competition and digital payment strategies are driving the ongoing consolidation process in the payments industry in Europe and worldwide. Even more, card payment service providers continue to invest in digital payment transformation for several good reasons.

Digital payment service providers in Europe and worldwide have started combining card payment services and cardless IBAN-based payment services.

Even more, digital payment processors in Europe combine card processing with ATM/POS network processing, online payment gateway processing and payment initiations services.

The card payment ecosystem in Europe is composed of four-party card schemes, three-party card schemes and supporting payment service providers such as card issuers, card acquirers, card processors and their card payment technology suppliers.

Most card payment service providers focus on contactless card payments and mobile HCE NFC payments.

Card payment service providers in the European card payment ecosystem can be grouped according to their core payment services business models:

The latest challenge for card payment service providers is Open Banking payment services. In line with the digital market strategy of the European regulators and PSD2, there is an emerging cardless Open Banking payment ecosystem with new types of cardless payment service providers.

The Open Banking payment ecosystem in Europe is composed of account servicing payment service providers (ASPSPs), payment initiation service providers (PISPs), account information service providers (AISPs), interbank organisations managing digital payment schemes, digital payment processors, and supporting digital payment technology suppliers.

The cardless payment service providers focus on digital payments compliant with the SEPA payment instruments.

The cardless payment service providers of the European Open Banking payment ecosystem can be grouped according to their core payment services business models:

For more details about the card payment service providers please refer to another part of the overview section: Card Payment Ecosystem.

For more details about the cardless payment service providers please refer to another part of the overview section: Open Banking Payment Ecosystem.

For more details at country level, please refer to the individual country profiles of the Yearbook, which have been updated in the light of the new European context.

1.7 Online Payments in Europe 

Online card payments and account-to-account (A2A) payments directly from bank accounts have become the dominant standard across Europe. Following the finalization of the Payment Services Regulation (PSR) and PSD3 in 2025, the friction previously associated with “traditional” deferred payments has been replaced by a regulated, high-trust ecosystem.

This chapter highlights the sophisticated mix of online payment services in Europe, composed of advanced card tokenization, real-time A2A transfers via Instant Payments, and the “digital rebirth” of deferred payments (BNPL and Invoice) under the 2026 Consumer Credit Directive (CCD2).

Since the mid-2020s, mobile-first shopping has become the default. Payments are no longer just initiated on PCs or mobile apps; they are seamlessly integrated via EUDI Wallets (EU Digital Identity) and cross-channel QR codes. Remote payments are executed using the payment page of the shop, native mobile wallets with open NFC access (thanks to the Digital Markets Act), or pan-European A2A wallets like Wero.

Thanks to technologies such as Network Tokenization, SoftPOS (Tap to Pay on iPhone/Android), and Biometric Passkeys, the boundary between digital commerce and “real world” retail has dissolved into Unified Commerce. Whether scanning a 2D barcode at a terminal or clicking a “Pay by Bank” link in an email, the security and user experience are now identical.

Merchants and Remote Payments

Merchants in all European countries now prioritize “Unified Acceptance.” Innovative acquirers provide “all-in-one” agreements that bundle traditional cards with new A2A rails like Wero, which has consolidated former local giants like iDEAL and Bizum. In 2026, European online merchants offer a streamlined mix of 8-10 high-conversion payment methods, moving away from the “checkout clutter” of previous years.

In addition to standard checkout flows, merchants now leverage SoftPOS technology to turn any mobile device into a payment terminal for “Card on Delivery” or MOTO (Mail Order/Telephone Order) scenarios. For deferred payments, merchants no longer simply “take the risk”; they utilize real-time Request to Pay (R2P) services that provide instant payment guarantees and automated reconciliation.

Innovative merchants have transitioned their loyalty apps into “Super Apps,” integrating Variable Recurring Payments (VRPs) for subscriptions and Verified Payee (VoP) status to build immediate trust with new customers.

While Mastercard and Visa remain the primary card acceptance contracts, most merchants now complement these with the European Payments Initiative (Wero) to reduce dependency on international schemes. Furthermore, “Click to Pay” has replaced manual card entry as the industry standard for guest checkouts, providing a password-less experience across all device types.

Technology Background

Online shops in Europe connect with the financial ecosystem through two primary architectural paths:

The European PSP market has consolidated, with the remaining 400+ providers shifting their focus toward Open Finance (FiDA) integration. These PSPs now act as agents for multiple acquirers and provide “VPSP” (Virtual PSP) platforms that allow banks to offer “Plug-and-Play” merchant services.

Security standards have reached a new peak in 2026. Historically, many merchants struggled with 3D-Secure friction; however, the transition to 3DS 2.3—which utilizes biometric passkeys and device-bound tokens—is now mandatory and ubiquitous. Furthermore, the Verification of Payee (VoP) mandate ensures that every A2A transfer is cross-referenced against the recipient’s bank records in real-time, effectively neutralizing “impersonation” fraud at the point of initiation.

Mix of Online Payment Services in Europe

For many years, it is a fact that cards compete with various other types of online payment services.

As preferred by online buyers, cards continued to dominate the online payments mix in France and the UK. However, in the Netherlands online bank transfers iDEAL (72%), and Acceptgiro (0.5%) are constant followed by credit cards (8%), debit cards (4%) and PayPal (4%).

Generally, the online payment mix is different from country to country, and it depends both on domestic payment behaviours of online buyers, and the individual digital payment strategies of the country.

It is also a fact that the mix of online payment services offered by merchants is individual per online shop and different by market segment. Additionally, the online payment mix preferred by online buyers is sometimes different from the online payment mix as offered by online merchants.

By end-2025, the mix of online payment services offered by European online merchants may include:

The individual country profiles of the yearbooks provide more details about online payments and the typical online payment mix by country.

1.8 Mobile Payments in Europe 

Mobile Network Tokenized card payments and IBAN-based instant mobile payments are the dominant standards in Europe. This includes global solutions like Apple Pay and Google Pay, alongside the European Payments Initiative’s “Wero” wallet, which has unified several domestic A2A (Account-to-Account) systems.

As of 2026, the distinction between e-commerce and m-commerce has dissolved into Unified Commerce. Most mobile devices are now the primary gateway for all transactions, with biometric passkeys replacing legacy passwords. This reflects a reality where the majority of online buyers utilize smartphones not just to purchase, but as their primary identity and payment vault.

In effect, nearly all mobile payments in Europe are now online-authenticated transactions, whether they occur at a physical terminal or within an app. Digital commerce demands frictionless flows, and the 2026 regulatory environment ensures these are supported by high-performance APIs and mandatory Verification of Payee (VoP) security.

While marketing “hype” once drove mobile adoption, the focus has shifted to utility and sovereignty, with European consumers increasingly seeking alternatives to non-European schemes through local A2A innovations and the EU Digital Identity (EUDI) Wallet.

Background

Historically, Europe’s affinity for mobile payments evolved through several “failed” waves, including SMS-based payments and SIM-based NFC pilots (1999–2016). While niche markets for SMS payments remain for services like parking, the true revolution began with the shift to Cloud-Based Execution (HCE) and Tokenization.

Since 2018, the rollout of PSD2 (and now PSD3/PSR) has forced a convergence of technologies. The “bridging” technologies of the past—QR codes and 1D-barcodes—have matured. In 2026:

Orientation

The traditional industry view once separated payments into three distinct silos: “Mobile,” “Remote/Internet,” and “In-Store.” In 2026, this classification is largely obsolete. The rollout of mobile technologies has collapsed these segments into a single converged digital economy.

To provide structured insight, this Yearbook classifies the 2026 market as follows:

Mobile Payments, Smartphones, Tablets, NFC

Since the mid-2020s, a “third wave” of mobile services has emerged, driven by the EUDI Wallet and Open Finance (FiDA). Card schemes have successfully transitioned from physical cards to Network Tokens, ensuring that card details are never shared with merchants, only secure, merchant-specific “keys.”

In 2026, innovative acquirers offer “Omni-acceptance,” where a single contract covers cards, Wero, and local A2A schemes. Key facts supporting this ecosystem include:

Ultimately, “mobile payments” are simply Remote Payments that happen to be location-independent, whether the customer is standing in a shop, at a bus stop, or on their sofa.

Classification of Mobile Payments – Outlook beyond the Hype

The “hype” phase of mobile payments ended with the finalization of the Payment Services Regulation (PSR). By 2026, the market has moved beyond pilots into a consolidated infrastructure.

  1. Mobile Payments on the Internet (Remote)
  1. Mobile Contactless (Proximity)
  1. SoftPOS & SmartPOS (Acceptance)

1.9 Central Bank Digital Currencies, Cryptocurrency Products 

In 2024, the European payment ecosystem was composed of traditional cash payments, digital cryptocurrency products of independent payment service providers and research and development of central bank digital currencies, CBDC. The regulation of cryptocurrencies is becoming increasingly relevant as independent cryptocurrency products have grown more prevalent, posing challenges for regulators and national central banks.

In July 2023, the European Union introduced the Markets in Crypto-Assets (MiCA) regulation, which aims to standardize cryptocurrency regulation across member states, including Luxembourg. This regulation addresses various aspects of crypto assets, such as market integrity, consumer protection, and financial stability, while also promoting innovation in the sector. Under MiCA, crypto-asset service providers will have specific obligations to protect users’ wallets and mitigate investment risks.

Central Bank Digital Currencies (CDBC) – The Digital Cash Challenge 

Central bank digital currency (CBDC), also called digital fiat currency or digital base money, is a digital currency issued by a national central bank (NCB), rather than by a commercial bank. It is also a liability of the NCB and denominated in the sovereign currency, as is the case with physical banknotes and coins.

All CBDCs are under the authority of the respective national central bank, and they are part of the domestic cash payment ecosystem. Rather than a new currency, CBDC is a form of central bank electronic money that could be used by households and businesses to make payments. In addition, most CBDC implementations will likely not use or need any sort of distributed ledger such as a blockchain.

Unlike “retail CBDC,” which is generally designed as a central bank liability universally accessible to individuals and businesses within a jurisdiction’s financial system, “wholesale CBDC” refers to a digitized central bank liability designed for sizable (generally interbank) transactions, and for which access is limited to certain financial institutions.

National Central Banks (NCBs) have been providing trusted money to the public for hundreds of years as part of their public policy objectives. Trusted money is a public good. It offers a common unit of account, store of value and medium of exchange for the sale of goods and services and settlement of financial transactions. Providing cash for public use is an important tool for central banks. Yet the world is changing.

Even before COVID-19, cash use for payments was declining fast and convenient digital payments have grown enormously in volume and diversity. To evolve and pursue their public policy objectives in a digital world, central banks are actively researching the pros and cons of offering a digital currency to the public, a “general purpose” CBDC.

Central banks’ interest in CBDC has increased as a potential means of delivering their public policy objectives. Profound, ongoing changes across finance, technology and society, as well as the recent COVID-19 crisis, provided additional impetus for the research of, and experimentation related to, CBDCs.

CBDC is a national digital currency issued by the central bank that is expected to replace or coexist with fiat money and hold the same value. Mobile money, on the other hand, utilises existing commercial banking-based accounting to manage customer wallet balances based on an exchange with cash or lines of credit and loans.

CBDC is a direct liability on the central bank as it is the main issuer of the currency, whereas digital money is the liability of commercial banks and other authorised financial institutions using funds on account. Although some implementation approaches propose that CBDC can be implemented in either an indirect or hybrid form, its liability remains on the respective national central bank.

Background on CBDC Evolution

In October 2020, the Bank of Canada, the Bank of England, the Bank of Japan, the European Central Bank, the Federal Reserve, Sveriges Riksbank, the Swiss National Bank and the Bank for International Settlements (BIS) published a report, Central bank digital currencies: foundational principles and core features, identifying the foundational principles necessary for any publicly available CBDC to help central banks meet their public policy objectives.

The report focused on a publicly available “general purpose” CBDC (a digital payment instrument, denominated in the national unit of account, that is a direct liability of the central bank).

A “wholesale” CBDC, restricted to financial institutions, is also an active area of exploration, notes the report, for central banks but one that carries different opportunities, challenges, and risks. The report explored the use cases for, and challenges and opportunities arising from, the possible issuance of a general purpose CBDC.

In September 2021, the same seven central banks and the BIS followed up with the publication of a new set of reports exploring the potential of retail CBDCs, including policy options and practical implementation issues. While none of the central banks has yet decided to proceed with a retail CBDC, they recognise such an instrument would have wide-ranging implications. Delivering on the future needs of consumers would require systems that encourage innovation, choice and competition among a diverse mix of intermediaries.

BIS reported that a 2021 survey of central banks found that “86% are actively researching the potential for CBDCs, 60% were experimenting with the technology and 14% were deploying pilot projects.

The People’s Bank of China (PBoC) is piloting a ‘digital yuan’, known as e-CNY, in various cities, often in association with major sporting events, such as the Winter Olympics.

The ECB published a paper on the potential of a “digital euro” in October 2020, exploring the “benefits and risks” of such an initiative. It completed a public consultation in January 2021 and a series of focus groups in December 2021. Its investigation stage is expected to continue until October 2023, after which the ECB “will decide whether to start developing a digital euro.”

The US Federal Reserve reported in February 2022 that while it has made no decisions about “whether to pursue or implement” a CBDC, it was “exploring the potential benefits and risks of CBDCs from a variety of angles and was inviting public feedback on discussion papers.

The Bank of Japan said in October 2020 that it had no plans for a CBDC and was committed to maintain the cash system as long as there was public demand for it. It nevertheless intended to explore technical feasibility through a proof of concept, consider institutional arrangements and coordinate approaches with domestic and international stakeholders. In 2023, the Bank of Japan (BOJ) has announced that it will begin a pilot for its digital yen with commercial financial institutions. In February 2023, Bank of Japan has embarked on a CBDC trial.

In June 2023, the BIS and BoE said they completed a CBDC pilot project involving CBDCs jointly run by the Bank of England (BoE) and the Bank of International Settlements (BIS). Project Rosalind was designed to explore how a “universal and extensible API layer” could connect central bank and private sector infrastructures and enable retail CBDC payments. The project also sought to develop a number of retail-CBDC use cases.

According to the BIS and BoE, the project has successfully demonstrated that “a well-designed API layer could work with different private sector applications and central bank ledger designs and that a set of simple and standardised API functionalities could support a diverse range of use cases”.

In all, the project led to the development of 33 API functionalities and examined 30 retail CBDC cases including peer-to-peer transfers, retail payments for goods and services and small-value business transactions.

While CBDCs are still in experimental phases across major economies, 2024 has seen increased momentum towards real-world implementation, with several countries, notably China and the ECB, moving closer to full-scale rollouts. Public-private collaboration, technological innovation, and privacy concerns remain central to future CBDC development. Central banks worldwide continue to balance innovation with maintaining public trust and financial stability in this rapidly evolving space.

Global Status of CDBCs 

Most National Central Banks (NCBs) are involved in different stages of a CDBC project. Especially, the NCBs have different views on which kind of CDBC they would intend to launch as a digital currency:

As of 2023, the global CDBC status reveals that four central banks – Nigeria (e-Naira), Eastern Caribbean (D-Cash), Jamaica (JAM-DEX), and the Bahamas (Sand Dollar) – have introduced a domestic CBDC scheme.

Six countries have launched a CDBC pilot: France, Canada, China, India, Saudi Arabia, and Ghana.

The NCBs of most other countries are involved in either a CDBC proof-of-concept phase – including Norway, Hungary, and Sweden – or they are still in a CDBC research stage.

So far, Ecuador is the only country that has cancelled its CBDC ambitions, Dinero electronico.

CBDC, the European Union and the Digital Euro

In July 2021, the Estonian Central Bank released a report about its experiment with the ECB and the central banks of Spain, Germany, Italy, Greece, Ireland, Latvia, and the Netherlands to assess the functionality of the digital euro. The project was able to conduct 300,000 transactions per second, with an average rate of less than two seconds per transaction.

In June 2023, the European Commission (EC) has published its legislative proposal establishing the legal framework for a possible digital euro, stressing that the CBDC would be a compliment to, not replacement for, cash.

A digital euro would be available alongside existing national and international private means of payment, such as cards or applications. It would work like a digital wallet, with people and businesses able to pay with it anytime and anywhere in the euro area.

The digital euro would be available for payments both online and offline. While online transactions would offer the same level of data privacy as existing digital means of payments, offline payments would essentially be like paying with cash – with nobody able to see what people are paying for.

The digital euro would be distributed by banks and other payment service providers, with basic services provided to people free of charge. Merchants would be required to accept the digital currency unless they are cash-only firms.

The EC’s proposal still needs to be adopted by the European Parliament and the European Council before the European Central Bank decides whether to roll out a digital euro. Notably, the European Central Bank (ECB) is involved in the preparation phase, which will run until 2025. During this time, technical experimentation and legal discussions are ongoing before any formal rollout decisions can be made​.

As of 2025, the digital euro remains in development but has advanced beyond its early investigation stage. The European Central Bank (ECB) concluded its two-year investigation phase in October 2023 and entered a two-year preparation phase that runs until October 2025. During this stage, the ECB is refining the design, engaging market participants, testing prototypes, and drafting a comprehensive rulebook.

In 2024, the ECB published two progress reports (in June and December) and a third one in July 2025, detailing technical work, design choices (e.g. offline use, calibration, holding limits) and collaboration with stakeholders. The most recent report included further refinement of the rulebook, more user research, and expanded experimentation. The ECB launched an innovation platform that invited private and public sector actors (banking, fintech, merchants) to test ideas, use cases, conditional payments, and prototype features. Around 70 market participants are reported to have been engaged.

On the legal side, the European Commission’s draft regulation for a digital euro is still under negotiation by the European Parliament and Council. Adoption of this regulation is essential before the ECB can issue the digital euro. ECB leaders, including Christine Lagarde, have called on lawmakers to accelerate this legislative process. By October 2025, the ECB has indicated a second phase of the preparation for the Digital Euro. By then, the ECB will have prepared an outreach plan, procurement standards, and technology providers.

Pros and Cons of CBDCs

According to research by the Bank of England, BIS, and by several other central banks, the benefits of CBDCs include supporting increased innovation in the payment system with:

Possible challenges related to use of CBDCs could include:

The ECB commissioned multiple exploratory reports on the feasibility of a digital euro in 2020 and 2021. The ECB’s working paper suggests a 2-tier system for a “general purpose” CBDC. In July 2021, the ECB announced that it would launch a 24-month investigation phase for the digital euro project, which aims to address key issues regarding the design and distribution of a digital euro. The investigation phase will include focus groups, prototyping and conceptual work. In February 2022, the European Commission announced that it will propose a bill that would serve as the legal foundation for the issuance of a digital euro by the ECB. In May 2022, Christine Lagarde stated that she would be willing to back the digital Euro. By June 2023, the ECB and European Commission had significantly advanced their legislative and technical work, moving closer to launching a pilot phase for the digital euro in 2024. The pilot phase is expected to assess the practical implementation of the digital euro, following the completion of the current investigation period​.

The working paper states that the use of CBDC for retail payments is the primary use-case for the development of a digital Euro. The paper also rejects the motivation of using CBDC as a store of value, which would involve consumers switching deposits from commercial banks into CBDC. The working paper also recommends that a CBDC should be interest-bearing, with attractive interest rates offered for smaller sums suitable for payments and lower rates available for larger amounts.

Cryptocurrencies EU

The regulation of crypto assets and related services across Europe is not standardised and is highly fragmented. While no nation has outright banned usage of cryptocurrencies like Bitcoin, Ethereum and others, regulators have not formed a consensus over how to legislate such a quickly fluctuating market, where new cryptocurrencies emerge faster than regulators can catch up to.

The current approach across Europe is to adapt existing legislations to encompass cryptocurrencies, however, this is unlikely to be efficient as consumer and business usage changes.

In the European Union, the fifth Anti-Money Laundering Directive (AMLD5) covers certain crypto assets under the term “virtual currencies”, but it does not provide a harmonised approach. As a result, each Member State has created its own regulatory regime for transactions related to “virtual currencies” or crypto assets

In response, the European Commission proposed the Markets in Crypto-assets (MiCA) regulation in 2020 as part of the Digital Finance Strategy, with MiCA expected to come into force in 2022 and will be directly applicable in all Member States after an 18-month transition period. MiCA will result in a harmonised set of rules for products and services and legal certainty related to crypto assets throughout the European Union in 2024. This would enable a larger number of investors to be active in this area and to use distributed ledger technology (DLT).

MiCA is to apply to all persons who want to issue crypto assets or provide services related to crypto assets in the EU.

The MiCA proposal is intended to lay down uniform rules on transparency and disclosure requirements for the issuance, offer to the public and the admission to trading of crypto assets. In addition, there are rules on the authorisation and supervision of crypto asset service providers and their issuers.

The main focus lies with the issuers of asset-referenced tokens and e-money tokens. The Regulation intends to regulate the operation, organisation and governance of issuers of asset referenced tokens and e-money tokens and crypto asset service providers. There will also be investor protection rules for the issuance, trading, exchange and custody of crypto assets. In addition, measures to prevent market abuse are to be included in the Regulation to ensure the integrity of the crypto assets markets.

In June 2022, the EU Council President and European Parliament reached agreement on MiCA regulation, ruling that crypto asset service providers will require authorisation to operate in the EU, not including NFTs or media-related digital assets.

Under the agreement, the regulatory framework will protect investors and consumers, while ensuring financial stability and enabling innovation and growth. The regulations will help protect consumers from fraud and scams, as crypto asset service providers will be liable if they lose assets and fail to protect investors’ wallets. The European Banking Authority (EBA) will form a public register of non-compliant crypto asset providers.

The regulation will also implement restrictions on stablecoins, with stablecoin issuers to be supervised by the EBA and their “holders will be offered a claim at any time and free of charge.”

Unregulated Cryptocurrency Products – Background 

Regulators and national central banks are challenged by unregulated independent cryptocurrency products. Whereas CBDCs are under the authority of the central bank, almost all cryptocurrencies are decentralised, and not controlled or managed by any central authority.

Obviously, financial market authorities and the national central banks are not in favour of unregulated cryptocurrency products, and they see them as a systematic risk for the financial system. Their intention to regulate the respective cryptocurrency exchange platforms has gained momentum.

Cryptocurrencies, originally designed as a store of value, are digital assets, developed and maintained on decentralised blockchains, and they can be used as a medium of exchange or payment method. Bitcoin and Ethereum are the most popular forms of cryptocurrencies worldwide used by consumers and businesses for transactions.

As of 2022, over 400 million people worldwide used cryptocurrencies, with merchants and businesses in more sectors accepting it as a form of payment. The major payment schemes VISA and Mastercard, PayPal and along with a growing number of financial institutions, have launched services allowing consumers to purchase or use cryptocurrencies for a range of applications.

According to a 2022 Deloitte survey, around two-thirds (64%) of surveyed merchants indicated that their customers have significant interest in using digital currencies for payments, and 83% expect consumer interest in digital currencies for payments to increase or significantly increase over the next 12 months.

In addition, merchants are motivated by the prospect of enabling immediate access to funds (40% of respondents), taking advantage of blockchain-based innovations in decentralised digital finance (39%), and allowing in-house management of the revenue cycle/treasury/finance department (39%).

Over half (54%) of large retailers (with revenues of $500 million and up) have invested more than $1 million on enabling digital currency payments, while only 6% of small retailers (with revenues of under $10 million) did so.

A 2022 survey from Checkout.com found a sharp rise in people wanting to use cryptocurrencies as a means of payment, with 40% of 18-35-year-old consumers citing their desire to experiment with using crypto as a payment method, up from less than 30% in 2021. Meanwhile, over 80% of businesses say offering crypto has attracted new customers, led to a decrease in chargebacks, while just over 60% have seen higher authorisation rates accepting crypto payments.

A recent report by Triple-A for 2024–2025 reports estimate cryptocurrency ownership in Europe has climbed to approximately 50 million people, up from around 30 million in 2023. Crypto adoption in Europe grew to 8.9% of the adult population in 2025, driven by greater institutional access, major regulatory changes (like MiCA), and clearer frameworks for exchanges and wallet providers. This keeps Europe’s ownership rate ahead of previous years, though still trailing regions like Asia and the Americas in terms of total share and growth rate.

Stablecoins

Stablecoins are a type of asset-backed cryptocurrency, whose value is typically pegged to the value of an underlying asset such as USD, GBP, or commodities like gold. Stablecoins are partially backed by real assets, and they are designed to have a value pegged to real-world assets, therefore avoiding the extreme volatility that affects cryptocurrencies.

Stablecoins offer the potential benefits of cryptocurrencies, like transparency, security, immutability, and decentralised control, while maintaining the guarantees and stability that come with using fiat currency. Stablecoins have potential to be used in cross-border payments, providing a secure, online environment for peer-to-peer (P2P) transactions to take place without needing decentralised cryptocurrencies or to pay fees to convert money into local currencies.

As of mid-2025, there were more than 200 stablecoins globally, comprising a market that’s worth about $230 billion.

A survey of central banks in January 2021 found that two-thirds of respondents are actively researching the potential impact of stablecoins on financial stability. However, some regulators in the US and China, consider stablecoins as a potential serious risk to financial systems. The risk is especially high with centralised coins, such as those backed by fiat and issued by private organisations, as economic power would be disproportionately concentrated on a single entity.

The widespread use of stablecoins in payment platforms could also pose a systemic risk, in relation to the validation and confirmation of stablecoin transactions which could interfere with payment systems. If stablecoin users couldn’t access money in their e-wallets and businesses couldn’t receive payments, economic activity would be greatly disrupted. However, these risks have not deterred major institutions like JP Morgan and VISA to explore stablecoin use cases via partnerships and internal R&D.

Tether As of mid-2025, Tether remains the largest stablecoin globally, holding a market share of over 60%. This dominance is driven by its massive liquidity, broad adoption across exchanges and blockchains, and large reserve holdings, especially in U.S. Treasuries. Its nearest competitors include USD Coin (USDC), Binance USD (BUSD), and decentralized stablecoins like DAI, although Tether’s market share far exceeds them. Recent reports have shown Tether’s involvement in major financial markets and even Bitcoin mining, further reinforcing its stronghold on the crypto landscape.

Regarding Facebook’s Diem (formerly Libra) project, it was officially abandoned. Diem’s assets were sold off to Silvergate Capital in early 2022, marking the end of the initiative that once aimed to create a globally accessible digital currency. Regulatory pressures and internal challenges led to the dissolution of the project.

1.10 About Payment Fraud in Europe

Card fraud is one of the most fascinating aspects of the payments industry, not least because it is relentless and mutating. EMV implementation and 3D-Secure, combined with Strong Customer Authentication (SCA), have done much to reduce domestic losses from lost and stolen cards in Europe. However, the war against fraud losses and the changing face of fraud continues to be a threat for the payments industry, including Europe.

The global card fraud challenges are Card-Not-Present fraud (CNP), cross-border fraud and counterfeiting on non-EMV cards. CNP fraud accounted for 80% of the total value of card fraud losses in 2020. From 2017, a new payment fraud category is fraud losses on contactless card payments.

International card fraud continues to be smaller in scale than domestic card abuse but is proportionately far more common. And of course, fraudulent cross-border transactions on cards continue to grow on all purchase channels.

Losses from card fraud on the internet and cross-border fraud on domestic cards have grown significantly. Following EMV implementation, card fraud has moved increasingly to countries where POS terminals or online shops have not yet been migrated to EMV and SCA, respectively, and to cross-border fraud with compromised cards.

The breakdown of card fraud losses by method of compromise already indicates the importance of distinguishing between domestic and cross-border fraud losses. The method of compromise covers how fraudsters obtain payment cards or card details. Notable methods of compromise in a complex payment world are CNP fraud based on theft of card credentials and card lost and stolen fraud followed by growing ID fraud and by cross-counterfeit fraud.

The main method of compromise responsible for losses in many European countries is now the theft of card credentials. A high proportion of these card fraud losses are caused by the growth in e-commerce, and still the lack of use of Strong Customer Authentication methods such as 3D-Secure 2.0.

Payment fraud is one of the most fascinating aspects of the payments industry, not least because it is relentless and mutating. Digital banking security combined with Strong Customer Authentication (SCA), have done much to reduce digital banking fraud losses in Europe. However, the war against fraud losses and the changing face of fraud both continue to be a threat for the Open Banking payments industry in Europe.

In a post data-breach world, identity information, payment credentials, account credentials and responses to security questions are widely available for purchase in bulk. Complete fraud exploits and zero-day attacks are also easily available on the black market for outright purchase or as a hosted / fully managed service.

In the digital payments world and having the changing face of fraud in mind, there are significant challenges for digital payment service providers and their supporting processors.

Also, GDPR, Strong Customer Authentication (SCA) and friendly fraud are factors that further complicate fraud prevention and risk management due to changing technologies, digital consumer demands and new fraud trends.

Higher use of digital payment services, the popularity of online shopping and its frequency, different forms of payment and their digital version, consumers embracing mobile devices and social media networks, less possibilities for customer verification due to open borders are all things that make fraud prevention more complex.

Driven by the development of social media and mobile devices, the emergence of permanently connected consumers has impacted their interaction with brands but also their expectations of how to shop using the increasing number of touch points and checkouts between consumer, retailer, and social media.

In the digital payments and post-data breach world and having the changing face of fraud in mind, there are significant challenges for digital payment service providers and their supporting processors. Firms across all industries must bolster their defences against new fraud trends, while simultaneously developing their digital service capabilities.

The changing face of fraud is driven by fraudsters operating on an international level. They target cardless payments and businesses. Especially fraud on the internet is a lucrative and low risk area for criminals as they can operate out of safe havens, and thus are difficult to prosecute.

Drilling down into new fraud trends, consumers, merchants, banks, payment service providers and processors often have different views of describing fraud cases. For illustration purposes, this chapter highlights a selected set of recent fraud cases based on the expertise of fraud experts specialised on day-to-day fraud & risk management business:

Fraudulent account opening and Account Takeover – A fraudster using stolen login details to purchase from a legitimate user’s account. The most damaging form of fraud in terms of reputation damage for a business. The social sharing of a hacked account can be expensive to recover from.

Terms of Service abuse – Customers, often legitimate, attempting to re-use vouchers, sharing vouchers, or seeking to exploit a generous returns or disputes policy. Most expensive fraud in terms of operations expense as there are phone calls and investigations to conduct.

Supplier and collusion fraud – A supplier working with a willing accomplice to accept stolen payment details for large orders knowing they will be charged back. Most expensive in erosion of trust in the marketplace community. Also, expensive to investigate.

Device spoofing – These techniques are widely used by fraudsters to evade device recognition and detection capabilities. Device spoofing allows a fraudster to masquerade as a legitimate customer, manipulate login sessions, open fraudulent accounts, intercept user credentials or take advantage of multiple new account bonuses.

Location manipulation – Fraudsters manipulate their location tracking in order to mask their true whereabouts. Sometimes this allows them to pretend to be a legitimate customer, or to trade from a location that is perhaps blocked by a company’s business rules or banned under regulatory compliance such as the anti-money laundering directive (AMLD).

Identity Fraud – Fraudsters are creating complete identities using a patchwork of stolen identity data, harvested from data breaches and the dark web. These stolen and spoofed identities are often a near-perfect match for the a “real” identity, and are used to open fraudulent new accounts, takeover existing accounts and monetize stolen credit cards.

Threats & Bots – Fraudsters have a collection of threats and Bots at their disposal to perpetrate fraud, including Malware, Remote Access Trojans (RATs), Man-in-the-Middle attacks and automated bot attacks. These are often used in combination to perform mass identity testing attacks (via an advanced bot), and then take over a trusted user account via a Man-in-the-Middle attack and/or RAT.

Obviously, fraudsters follow the digital consumer behaviour, and they are always looking for the weakest link and new ways of making profit. Indeed, the digital identity of the individual consumer is the mission critical currency of fraudsters and cybercriminals.

Criminals use a wide range of methods to commit fraud, and they have a collection of sophisticated fraud types, threats, and bots at their disposal. The theft of personal and financial data through social engineering and data breaches was a major contributor to fraud losses in 2018. The stolen data is used to commit fraud both directly and indirectly. For example, compromised payment details are used to make unauthorised purchases online and personal details are used to take over an account or apply for a credit card in someone else’s name. Criminals also use personal and financial data to defraud customers, using information gained about an individual to add apparent authenticity to a scam.

1.11 Digital Payment Transformation

Digitalisation of Card Payments 

Historically, the transition from magnetic stripe cards to EMV chip and PIN was the first wave of digitalization. This was followed by the implementation of 3D-Secure 2.0+, which moved away from static passwords to risk-based authentication. In 2026, this has evolved further into 3DS 2.3, which leverages biometric passkeys to provide a truly “frictionless” checkout experience.

The digitalization of card payments in Europe has reached a new stage of maturity, characterized by:

Cardless Digital A2A Payments directly from bank accounts

Before the implementation of the original PSD2, European banks followed fragmented, domestic approaches to digital services. However, the transition to PSD3 and the Payment Services Regulation (PSR) in 2025–2026 has unified these efforts into a “Single Rulebook.” This framework, combined with the Instant Payments Regulation (IPR), has made real-time, cardless A2A payments the mandatory baseline for European finance.

Today, A2A payments are no longer just an “alternative” to cards. Driven by the European Payments Initiative (EPI) and its Wero wallet, A2A transfers now offer a sovereign European alternative to international card schemes. The competitive pressure from the Interchange Fee Regulation (IFR) continues to push merchants toward these cardless solutions, which offer lower fees and instant settlement.

Updated Bank Strategies (2026)

With the entry into force of the IPR and the political finalization of PSD3, European banks have shifted their strategies to offer a fully digitized, real-time ecosystem:

1.12 Digital Payment Infrastructure

The convergence of cloud-native technologies, ubiquitous mobile biometrics, and the mandate for real-time liquidity is fundamentally reshaping the payment infrastructure. Today, the industry has moved beyond simple “innovation” to a state of Payment Orchestration, where success is defined by a provider’s ability to offer a sovereign, secure, and instant checkout experience across all touchpoints.

Global digital commerce continues its exponential trajectory. European merchants are now leveraging the Payment Services Regulation (PSR) and PSD3 to bypass traditional cross-border frictions, utilizing Instant Payments as a primary tool for revenue growth and immediate capital availability.

The Converged Ecosystem

Historically, card acquirers and processors operated in a siloed ecosystem, with cardless services largely restricted to online environments. In 2026, this divide has vanished. Driven by the Instant Payments Regulation, the platforms of modern acquirers are natively connected to the Open Finance ecosystem. They no longer merely “support” cardless payments; they orchestrate a unified flow that treats a Wero A2A transfer, a tokenized card payment, and a Variable Recurring Payment (VRP) with equal technical priority.

One of the most significant shifts has been the maturation of Payment Initiation Service Providers (PISPs) from “alternative” players to core infrastructure partners. In the 2026 landscape, PISPs and Account Information Service Providers (AISPs) work in tandem with traditional processors to provide merchants with “Smart Routing”—automatically selecting the most cost-effective and highest-converting payment rail for every specific transaction.

The Omnichannel Mandate

With Unified Commerce as the goal, building a modern digital payment platform is now a prerequisite for survival. The industry has successfully transformed from channel-specific solutions into Omnichannel Orchestration Platforms. These platforms bridge the gap between:

Drivers of the Modern Platform

Key drivers for today’s infrastructure include real-time financial settlement, strict PSR/PSD3 compliance, and the seamless adoption of VRPs for automated subscription management. Security has shifted toward Biometric Passkeys and AI-driven fraud orchestration, ensuring a frictionless experience that no longer relies on clunky manual authentication.

The benefits of a 2026 digital payment platform for processors and merchants include:

1.13 Addendum – Card Interchange Fee Arrangements in Europe 

The following card interchange fee arrangements are applied in Europe under the matured framework of the Interchange Fee Regulation (IFR) and recent 2026 judicial rulings:

Note on Commercial Cards: As of 2026, Commercial and Corporate cards remain generally exempt from the IFR caps. Consequently, merchants often pay significantly higher interchange fees (often 1.5% or more) for these transactions.

Historically, the domestic interchange fee (DMIF) arrangements have varied by country:

While the IFR has harmonized the maximum rates, the underlying structures still reflect historical domestic preferences:

As in the US, Australia, and other foreign countries…

The multilateral interchange fee (MIF) arrangements of international and domestic schemes remain under intense scrutiny. Competition authorities continue to favour bilateral negotiations, but MIFs persist as the essential “balancing factor” between acquirers and issuers. In 2026, the focus of regulators has shifted from interchange caps toward Scheme Fees (fees paid directly to Visa/Mastercard), which are not capped by the IFR and have risen steadily, prompting new transparency investigations by the European Commission.

UK-EEA Post-Brexit Fees

The most significant recent shift occurred in January 2026, when the UK High Court upheld the Payment Systems Regulator’s (PSR) authority to cap cross-border interchange fees.

Between 2021 and 2025, following the UK’s exit from the EU, Mastercard and Visa had increased “Card-Not-Present” (online) fees for UK-EEA transactions fivefold—to 1.15% for debit and 1.5% for credit. However, following the 2026 court victory against the schemes, the PSR (which is currently being integrated into the Financial Conduct Authority (FCA)) has moved to re-impose price caps on these outbound fees to protect UK businesses from what it deemed “unduly high” costs.

As of March 2026, these rates are under active downward revision to bring them closer to the original 0.2%/0.3% levels, ending a five-year period of elevated cross-border costs for digital commerce.

Digital & Card Payment Yearbooks