PSD2 the first legal framework towards open banking

What is PSD2?


The Revised Directive on Payment Services (Directive (EU) 2015/2366 – a.k.a. PSD2) is an EU legislation:

  • effectively fostering the creation of a dynamic Financial Services ecosystem, with special focus on online & mobile payments
  • through opening up secure access to account data (XS2A) from the Account Servicing Payment Service Providers (ASPSPs)
  • primarily via the use of APIs
  • to trusted Third Party Payment Service Providers (TPPs)
  • enabling them to build services based on Account Information Service Provider (AISP) and / or Payment Initiation Service Provider (PISP)
  • providing more options & flexibility to end users / Account owners

The PSD2 legislation is effective January 13th 2018, with an additional milestone, for the enforcement of Regulatory Technical Standards (RTS) & Strong Customer Authentication (SCA), expected in September / October 2018.

The key PSD2 stakeholders in action!

Try the PSD2 APIs live, in our Free PSD2 Sandbox, powered by aplonAPI

Compliance Timeline major milestones

  • 1st deadline 13 January 2018
    Deadline to Transpose PSD2 in Member States
  • 2nd deadlineQ4 2018 – Q1 2019
    18 months after their publication by the European Commission, the RTS on Strong Customer Authentication and secure and common communications enter into force.

PSD2 Glossary

Acronym What it means Additional Information
API Application Programming Interface A connector, available to TPPs, making it easier to develop a computer program by providing specific functionalities. In PSD2 the following APIs are available

- Authentication
- Payment Initiation
- Payment Status
- Account Balance
AISP Account Information Service Provider A TPP, making use of PSD2 APIs only to request information regarding the Account Balance. e.g. to aggregate information across multiple accounts & provide a consolidated view of finances, such as a PFM
ASPSP Account Servicing Payment Service Providers An organization providing and maintaining Payment Accounts for customers. e.g. Banks & Financial Institutions
PISP Payment Initiation Service Provider A TPP, making use of PSD2 APIs only to make a payment. E.g. a Treasury Management System used by a corporate to automate outgoing Payments
PSD2 The Revised Directive on Payment Services (Directive (EU) 2015/2366 – a.k.a. PSD2) is an EU legislation The reason you’re looking at this page! PSD2 creates a major Open Banking paradigm for European Banks & is a template for similar projects across the globe
PSU Payment Service Users The end users of all the functionality put in place by PSD2. They can be either natural or legal persons & interact with TPPs & ASPSPs
RTS Regulatory Technical Standards The Regulatory Technical Standards on strong customer authentication and secure communication under PSD2 provide details & guidelines on the implementation of PSD2
SCA Strong Customer Authentication The SCA caters to the increased security needs for the new PSD2 environment. It requires two or more of the following independent elements to be used, for an electronic transaction to happen:
- Knowledge (something only the user knows, e.g. a PIN)
- Possesion (something only the user possesses, e.g. key material)
- Inherence (something the user is, e.g. fingerprint, voice recognition)
TPP Third Party Payment Service Providers Payment Institutions, which don’t hold payment accounts for their customers. AISPs & PISPS are specific types of TPPs
XS2A Access to Account data The provisions for third party secure ‘access to account’ under the PSD2 directive. This is the cornerstone needed to enable Open Banking under PSD2

Learn how aplonAPI enables PSD2 compliance in record time for Banks & Financial Institutions

Frequently requested answers

?PSD2 will affect the existing banking business models
  • Loss of Fees from Card based transactions
  • Loss of Customer “Ownership” & Insights
  • Potentially reducing the switching cost & removing the “Barrier of exit” concern for existing customers
?Banks have 4 strategic options when dealing with PSD2
  • Focus on compliance only
  • Extend their APIs beyond the ones required by PSD2 & monetize their API offerings
  • Work with TPPs to create customer centric services & monetize their customer insights
  • Embrace & expand the Open Banking ecosystem to create completely new offerings & introduce new revenue streams
?You need an API Management Platform to properly handle the PSD2. This platform must
  • Offer the PSD2 APIs & allow you to build additional ones
  • Allow granular control of access, including support for SLAs
  • Capture & Provide full audit trail for the real time monitoring & reporting of API transactions
  • Include a Developer’s portal & sandbox to assist developers in accessing & utilizing the APIs aplonAPI™ by Payment
PaymentComponents offers all of these functionalities & much more to empower your Open Banking endeavors. Learn more here (www.aplonapi.com)

LATEST PSD2 NEWS

PaymentComponents & ADSI partner for Latin America

PaymentComponents Ltd & ADSI® partner for Open Banking APIs in Latin America

PaymentComponents Ltd, proudly announces partnership, with ADSI®, for Latin America!

17th Financial Technology & Innovation Conference for aplonAPI exhibition in Miami

aplonAPI was presented at 17th Financial Technology & Innovation Conference in Miami with ADSI®!
API as a new Banking channe

API as a new Banking Channel

The open API area of banking and the PSD2 opportunities explained.