E-commerce is now a fact of life.
Whether buying groceries with one click on Amazon or ordering a taxi on your phone with Uber, customers worldwide increasingly rely on the convenience of online services.
In the banking sector, new innovative services based on open data, also known as open banking, are increasing.
In short, open banking means opening customer account information - accessible via APIs - to third-party providers.
Yes, it's BIG.
The result?
New actors will change the traditional banking landscape.
- New third parties, like account information service providers (AISPs), can provide consumers with visibility across all their banking accounts via a single app,
- Payment initiation service providers (PISPs) can offer consumers an easy means of making direct fund transfers for online transactions.
The bank of tomorrow is the one that not only sees these changes on the horizon but also adapts to this new environment.
Otherwise, customers are more than willing to move on with a financial partner that can provide the services they seek.
According to a recent Thales poll, 38% of those surveyed would leave their bank if another provider offered better services or better rates.
+38%
CONSUMERS WOULD LEAVE THEIR BANK IF ANOTHER PROVIDER WERE OFFERING BETTER SERVICES OR BETTER RATES
It's a call to action.
Open banking is here.
The revised Payment Service Directive (PSD2) fosters the development of innovative services based on open data in the banking payment landscape.
In particular, it aims to encourage the creation of alternative Internet payment methods across all common types of devices (e.g., computers, tablets, and mobile phones) by allowing third-party providers equal access to customer account information and transactional approval.
There's more.
PSD2 specifies that consumers have the right to use any third-party provider for their online banking services.
As a result, banks are mandated to provide open Application Programming Interfaces or APIs to allow software at one company to access payment account information and payment initiation from another.
In other words, the move to open banking means removing barriers between competitors as it requires banks to allow their account details and transactions to be shared with third parties through APIs.
Why is open banking a big deal?
Open Banking creates a gigantic shift in the world of banking. It can rebalance the relationship between businesses, financial institutions, and customers.
Open banking and the rise of the digital economy
Open banking plays a significant role in the rise of the digital economy as it makes payments easier and more transparent.
More data means more opportunities.
Ignoring the future is simply not an option.
Progressive banks embrace innovation and enact measures to open up their data for enhanced banking services.
Financial institutions can better prepare themselves for market changes by working more closely with third-party actors and proactively identifying research and development areas.
Our identity and access management (IAM) solutions allow organisations to meet the evolving needs around cloud applications and mobile devices by enabling secure access to online resources and protecting the digital interactions of employees, partners, and customers with market-leading strong authentication and digital signing products.
Most commonly used PSD2 acronyms.
API
An Application Programming Interface is a set of subroutine definitions, protocols, and tools for building application software. It defines methods of communication between various software components.
ASPSP
Account Servicing Payment Service Providers, the traditional type of Payment Institution, such as banks, with which a PSU
(payment service user) holds one or more accounts from or to which the PSU issues payments. Every ASPSP must register under PSD2 as a Payment Institution.
AISP
An Account Information Service Provider acts as an aggregator of data relating to a PSU's accounts held across one or many different ASPSPs. AISPs must register under PSD2 as Payment Institutions. AISPs belong to the TPP category of PSPs.
EBA
The European Banking Authority is an independent EU Authority that ensures effective and consistent prudential regulation and supervision across the European banking sector. Its overall objectives are to maintain financial stability in the EU and safeguard the banking sector's integrity, efficiency, and orderly functioning.
PISP
Payment Initiation Service Providers are granted permission by a payment service user (PSU) to initiate payments on behalf of that PSU.
They do this by establishing a software 'bridge' between the merchant's website and the online banking platform of a payer's bank to initiate payment.
The PISP would typically be available as a payment option on a merchant's website. PISPs belong to the TPP category of PSPs.
PSP
Payment Service Provider is a general term for providers that offer online services for accepting electronic payments by various methods, including credit/debit cards and real-time transfers. Traditional PSPs, such as banks and financial institutions, have joined an increasingly large and diverse set of third-party service providers (TPPs).
PSU
A Payment Service User is essentially a customer—an individual or a corporate entity—with one or more bank accounts.
RTS
Regulatory Technical Standards. The European Banking Authority (EBA) has been tasked with specifying" Regulatory Technical Standards" (RTS) for authentication (Article 98) that define how to implement the security obligations imposed on PSPs. RTS mainly focuses on SCA, exemptions to SCA, and open communications between ASPSPs, PISPs, and AISPs.
SCA
Strong Customer Authentication is a procedure based on the use of two or more of the following elements: Knowledge( Something only the user knows, e.g., password, code, personal identification number); Ownership / Possession (Something only the user possesses, e.g., token, smart card, mobile handset); Inherence (Something the user is, e.g., biometric characteristic, such as a fingerprint).
TPP
Third-Party Provider, a category of PSPs covering PISPs and AISPs.
More resources on open banking & PSD2
PSD2 regulation
The new PSD2 directive is a fundamental piece of payment legislation in Europe. Learn how to get ready with Thales.
Read more
Strong Customer Authentication
Strong Customer Authentication, as defined in PSD2, means that transactions are authenticated using 2‑factor authentication or more.
Read more
How to improve user experience?
By evaluating risk and adapting accordingly, banks can offer a targeted approach that balances security and user convenience.
Read more
Download

Thales – The PSD2 expert company
PSD2 compliant solutions for your authentication needs
PSD2 compliant means for your authentication needs
Understand PSD2 compliance and discover PSD2 solutions
Read our white papers to understand the latest implications of PSD2 for the banking and payment landscape in Europe.
Download the whitepapers