Van Praag, Emanuel and Steenot, Reinhard and Eidsand Kjorven, Marte and Halvorsen Omland, Lars Petter and Guimaraes, Maria Raquel and Jansen, Kasper and Breukelaar, Sjoerd and Fejos, Andrea (2025) Authorized Push Payment Fraud: Suggestions for the Draft Payment Services Regulation. European Review of Private Law, 33 (5-6). pp. 1039-1072. DOI https://doi.org/10.54648/erpl2025066
Van Praag, Emanuel and Steenot, Reinhard and Eidsand Kjorven, Marte and Halvorsen Omland, Lars Petter and Guimaraes, Maria Raquel and Jansen, Kasper and Breukelaar, Sjoerd and Fejos, Andrea (2025) Authorized Push Payment Fraud: Suggestions for the Draft Payment Services Regulation. European Review of Private Law, 33 (5-6). pp. 1039-1072. DOI https://doi.org/10.54648/erpl2025066
Van Praag, Emanuel and Steenot, Reinhard and Eidsand Kjorven, Marte and Halvorsen Omland, Lars Petter and Guimaraes, Maria Raquel and Jansen, Kasper and Breukelaar, Sjoerd and Fejos, Andrea (2025) Authorized Push Payment Fraud: Suggestions for the Draft Payment Services Regulation. European Review of Private Law, 33 (5-6). pp. 1039-1072. DOI https://doi.org/10.54648/erpl2025066
Abstract
This article addresses the rising prevalence of Authorized Push Payment (APP) fraud in the digital payment landscape and the need for new regulations by the EU legislature. APP fraud, where the payment service user (PSU) authorizes a payment under the influence of a fraudster, presents a growing issue that is inconsistently addressed under the current EU Payment Services Directive (PSD2). The article analyses existing legal frameworks and case law across various EU Member States, highlighting inconsistencies in the interpretation of authorized and unauthorized transactions. It emphasizes the need for the EU legislature to clarify liability for payment service providers (PSPs) in the proposed Payment Services Regulation (PSR) regarding APP fraud. The authors advocate for a harmonized approach where PSPs are held liable for APP fraud, particularly in cases of bank impersonation fraud. The authors further suggest that the definition of ‘gross negligence’ in the context of APP fraud should be clarified. They also propose that if PSPs take on greater responsibility for fraud monitoring and prevention in order to improve safety of payment transactions this should be balanced with the privacy and autonomy of the PSU. Key conclusions include the necessity for the EU legislature to ensure a uniform interpretation of authorised transactions and clarify the potential for national liability rules. Additionally, the authors recommend that liability for APP fraud should not be limited to bank impersonation fraud but should also cover other scenarios of payment fraud, provided the fraudster abuses the trust in the payment system by convincing the PSU that he needs to take action to keep his funds safe.
| Item Type: | Article |
|---|---|
| Subjects: | Z Bibliography. Library Science. Information Resources > ZR Rights Retention |
| Divisions: | Faculty of Arts and Humanities Faculty of Arts and Humanities > Essex Law School |
| SWORD Depositor: | Unnamed user with email elements@essex.ac.uk |
| Depositing User: | Unnamed user with email elements@essex.ac.uk |
| Date Deposited: | 19 Feb 2026 10:51 |
| Last Modified: | 19 Feb 2026 10:51 |
| URI: | http://repository.essex.ac.uk/id/eprint/42236 |
Available files
Filename: 20250729 final version for European Review of Private Law[53].pdf
Licence: Creative Commons: Attribution 4.0