​​​Ecommerce is now a fact of life.

Whether buying groceries with one click on Amazon or ordering a taxi on your phone with Uber, customers worldwide increasingly rely on the convenience of online services. 

In the banking sector, new innovative services based on open data also known as open banking are showing up more and more. 

In short, open banking means opening customer account information - accessible via APIs - to third-party providers.

Yes, it's BIG.

The result?

New actors will change the traditional banking landscape.

  • New third-parties like account information service providers (AISPs), can provide consumers with visibility across all their banking accounts via a single app,
  • Payment initiation service providers (PISPs) can offer consumers an easy means of making direct fund transfers for online transactions. 

The bank of tomorrow is the one that not only sees these changes on the horizon but also adapts to this new environment.

Otherwise, customers are more than willing to move on with a financial partner that can provide the services they seek. 

According to a recent Thales poll, 38% of those surveyed would leave their bank if another provider offered better services or better rates.

+38%

OF CONSUMERS WOULD LEAVE THEIR BANK IF ANOTHER PROVIDER WERE OFFERING BETTER SERVICES OR BETTER RATES

It's a call to action.

Open banking is here.

The revised Payment Service Directive (PSD2) fosters the development of innovative services based on open data in the banking payment landscape.

In particular, it aims to encourage the creation of alternative internet payment methods across all common types of devices (e.g., computers, tablets, and mobile phones) by allowing third-party providers equal access to customer account information and transactional approval. 

There's more.

PSD2 specifies that consumers have the right to use any third-party provider for their online banking services.

As a result, banks are mandated to provide open Application Programming Interfaces or APIs to allow software at one company to access payment account information and payment initiation from another.

PWC forecasts that 71% of Small and medium-sized enterprises and 64% of adults will adopt open banking by 2022. This move is revealing a solid adoption of open banking technology across the financial services sector.

In other words, the move to open banking means removing barriers between competitors as it requires banks to allow their account details and transactions to be shared with third parties through APIs.

 

Why is open banking a big deal?

 

Open Banking creates a gigantic shift in the world of banking. It can rebalance the relationship between businesses, financial institutions, and customers.

 

Open banking and the rise of the digital economy

Open banking is playing a significant role in the rise of the digital economy as it makes payments easier and more transparent.

psd2 open banking

psd2 open banking

 

More data​ means more opportunities.​​

​Ignoring the future is simply not an option. 

Progressive banks are those who embrace innovation and enact measures to open up their data for enhanced banking services.

By working more closely with third-party actors, financial institutions can better prepare themselves for the market changes and proactively identify research and development areas. 

Our identity and access management (IAM) solutions allow organisations to meet the evolving needs around cloud applications and mobile devices by enabling secure access to online resources and protecting the digital interactions of employees, partners, and customers with market-leading strong authentication and digital signing products. 

 

Most commonly used PSD2 acronyms.

API

An Application Programming Interface is a set of subroutine definitions, protocols, and tools for building application software. It defines methods of communication between various software components.

ASPSP

Account Servicing Payment Service Provider, the traditional type of Payment Institution, as banks, with which a PSU

(payment service user) holds one or more accounts and from or to which the PSU issues payments. Every ASPSP must register under PSD2 as a Payment Institution.

AISP

An Account Information Service Provider acts as an aggregator of data relating to a PSU’s accounts held across one or many different ASPSPs. AISPs must register under PSD2 as a Payment Institution. AISPs belong to the TPP category of PSPs.

EBA

The European Banking Authority is an independent EU Authority that works to ensure effective and consistent prudential regulation and supervision across the European banking sector. Its overall objectives are to maintain financial stability in the EU and safeguard the integrity, efficiency, and orderly functioning of the banking sector. 

PISP

Payment Initiation Service Providers are granted permission by a payment service user (PSU) to initiate payments on behalf of that PSU.

They do this by establishing a software ‘bridge’ between the merchant's website and the online banking platform of a payer’s bank to initiate payment.

The PISP would typically be made available as a payment option on a merchant’s website. PISPs belong to the TPP category of PSPs.

PSP

Payment Service Provider, a general term for providers that offer online services for accepting electronic payments by various methods, including credit/debit cards and real-time transfer. Traditional PSPs such as banks and financial institutions have now been joined by an increasingly large and diverse set of third-party service providers (TPPs).

PSU

A Payment Service User is essentially a customer—either an individual or a corporate entity—who has one or more bank accounts.

RTS

Regulatory Technical Standards. The European Banking Authority (EBA) has been tasked with specifying ”Regulatory Technical Standards” (RTS) for authentication (Article 98) that define how to implement the security obligations imposed on PSPs. RTS mainly focuses on SCA, exemptions to SCA, and open communications between ASPSPs, PISPs, and AISPs.

SCA

Strong Customer Authentication is a procedure based on the use of two or more of the following elements: Knowledge( Something only the user knows, e.g., password, code, personal identification number); Ownership / Possession (Something only the user possesses, e.g., token, smart card, mobile handset); Inherence (Something the user is, e.g., biometric characteristic, such as a fingerprint). 

TPP

Third-Party Provider, a category of PSPs covering PISPs and AISPs.
 

More resources on open banking & PSD2

PSD2 regulation
The new PSD2 directive is a fundamental piece of payment legislation in Europe. Learn how to get ready with Thales.
Read more

Strong Customer Authentication
Strong Customer Authentication, as defined in PSD2, means that transactions are authenticated using 2‑factor authentication or more.
Read more

How to improve user experience?
By evaluating risk and adapting accordingly, banks can offer a targeted approach that strikes the right balance between security and user convenience.
Read more

Download

fs-psd2-the-expert-company.png

Thales – The PSD2 expert company

PSD2 compliant solutions for your authentication needs

PSD2 compliant means for your authentication needs
fs-wp-psd2.png

Understand PSD2 compliance and discover PSD2 solutions

Read our white papers​​​ to understand the latest implications of PSD2 for the banking and payment landscape in ​Europe​​​​.​​

Download the whitepapers

Get in touch with us

For more information regarding our services and solutions contact one of our sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how we can assist you.

Please note we do not sell any products nor offer support directly to end users. If you have questions regarding one of our products provided by e.g. your bank or government, then please contact them for advice first.