Rose Conway-Walsh (Mayo, Sinn Fein) | Oireachtas source

I think that is part of it; the ambiguity between what is authorised and not authorised is very broad. Is that broadness intentional where some might be authorised but not authorised to the end of it in terms of the actual payment that is to be made? Would that be cleared up under the most recent version?

The Deputy hits on an important point. Obviously, in any fraud or any claim for refund for unauthorised or indeed authorised payments, where the customer is grossly negligent or there are other factors, it is possible not to refund them. However, the issue raised by her is, in fact, one of the points the Commission brings out in its review of the revised payment services directive, PSD2, that is only out today. It is saying the boundary is getting very blurred between the two, which is why it is proposing the changes it is proposing and, hopefully, not going as far as full reimbursement the way the UK has because social engineering is very complex. It was never thought of prior to PSD2. If we look at PSD2, the whole emphasis on fraud prevention is very much around the area of ensuring that cards are not being skimmed, that the person initiating the transaction is the person who owns the payment instrument, and the other end of things was never really thought about. That has changed. The Deputy is right; the boundary is getting blurred and the commission is trying to address some of it in its proposals.