The Payment Services Directive (PSD2) and Open Banking API have a large and significant connotation for both the financial services industry, and for the ordinary customers.
The new regulations coming within PSD2 and Open Banking are taking the forefront of financial topics for many months. It’s implementation already generated the starting of many projects across the financial institutions.
The new legislation brings many changes to the way the online payments are making, and the bank account information are managed. It brings key changes to the way that the financial institutions and merchants work, making place to the new entities: Account Information Service Provider (AISP) and Piment Initiation Service Provider (PISP), highlighting their role, and enhancing the importance of implementation of the Strong Customer Authentication (SCA) for safety and security online payment operations.
FinTech Security, as a company based on financial and cyber security consultancy has proposed itself up to develop a Proof of Concept that illustrates how in the real world the PSD2 with the AISP and PISP, and Open Banking API work.
What does that mean?
Well, in practice it means that the developed white label browser application demonstrates the feasibility of the new key changes coming within the PSD2 and Open Banking standards.
It demonstrates that the concepts of: granting access to the customer’s bank accounts information to Third Party Provider (TPP), and the request of initiating a payment within TPP direct from the customer’s bank accounts, based on given explicit customer’s consent, has been successfully realised within this Proof of Concept.
In a nutshell, the application supports the main customer registration flow and delegation of the access to a third party – AISP to the customer’s bank account, based on the provided customer’s consent.
This part of the application reproduces the customer journey within the AISP.
The second part of the developed and fully functional application illustrates the customer journey within the PISP.
Therefore, the Payment Initiation flow (PISP) implements the Merchant web integration flow via TPP and later integration and payment authorization with the Bank.
In order to reproduce the whole payment initiation chain, we have developed fully functioning applications (basic functions) for:
1. Merchant eCommerce,
2. Third Party Provider (TPP) – AISP/ PISP,
3. Bank Simulator (including authentication and authorization flows).
The application is developed in a flexible manner that permits its integration with many web services and platforms.
Let’s deploy it!