EU Regulations & Directives

IAM Maturity Assessment for PSD2

The EU Payment Services Directive 2 (Directive (EU) 2015/2366) introduced Strong Customer Authentication (SCA) for electronic payments, detailed in regulatory technical standards. For identity programs it primarily shapes customer authentication, onboarding, and identity proofing flows for payment services.

Maturity threshold
2.5 / 4.0
Mapped questions
2
IAM domains
1
Assessment scope
CIAM
Identity Expectations

What PSD2 Expects from Identity Programs

The identity-relevant themes below reflect the AXIS capabilities mapped to PSD2 citations in the question bank. They paraphrase where identity fits, not the legal text itself.

  • Customer registration and authentication flows built for strong customer authentication
  • Customer onboarding, identity proofing, and know-your-customer alignment where payment services demand it
Question Mapping

AXIS Questions Mapped to PSD2

2 of the 37 questions in the AXIS bank carry PSD2 citations, including 1 domino control (foundational capabilities that cap the overall score when weak).

AXIS assessment questions mapped to PSD2, with domain, capability, and framework references
QuestionDomainCapabilityPSD2 references
CIAM-01
Domino
CIAMRegistration & OnboardingPSD2 SCA
CIAM-05CIAMCustomer Onboarding, Identity Proofing & KYCPSD2 (risk-based controls)
Scoring Model

How AXIS Scores PSD2 Alignment

A threshold model: each mapped control either meets the PSD2 maturity bar or it does not, and the alignment percentage is the share that does.

Threshold: 2.5 of 4.0

Each framework in AXIS carries a research-derived maturity threshold (Methodology Section 7.2). For PSD2, a mapped control counts as passing when its answered maturity level reaches 2.5: documented and consistently enforced. The alignment percentage is the share of mapped controls at or above that bar.

Citations live on individual answer options, so the exact set of controls counted for PSD2 in a given assessment reflects the answers selected. The table above lists every question whose answer options carry PSD2 citations.

80%+

Aligned

60-79%

At Risk

<60%

Non-Compliant

Scope and Industry Awareness

PSD2 is scored in the customer identity (CIAM) and full assessment scopes, where its mapped controls are assessed.

It is shown when the assessed organization operates in: Financial Services. Other industries see only the frameworks relevant to them.

Tracked, Not Yet Scored

AXIS currently maps 2 questions to PSD2, below the minimum of 3 required for a reliable scored row in the compliance matrix. The mapping is tracked and shown here for transparency, and the framework becomes scored as coverage grows.

Indicative Alignment, Not Certification

This page describes how the AXIS assessment maps its question bank to Payment Services Directive 2 (PSD2). Alignment scores are indicative: they are not a certification, an audit opinion, or legal advice. Whether and how PSD2 applies depends on your organization, sector, and jurisdiction; consult qualified counsel or auditors for formal compliance determinations.

See Where You Stand Against PSD2

Run the AXIS assessment and get your maturity score, PSD2 alignment, and a prioritized roadmap in one pass. No signup required to start.