Historically, banks and financial institutions have retained exclusive control over their customers’ account data. With the European PSD2 directive coming into force, banks have to give new market players access to selected account information.
Financial organizations face several challenges when implementing their APIs:
- Lack of a global standard and model for API development
- Roll-out of XS2A API and strong customer authentication as RTS comes into force on September 14, 2019
- Implementing API analytics to monitor critical connections with TPPs
Payment service providers (PSPs) seeking to publish Read / Write PSD2-compliant APIs, to enable payments initiated by third party providers (TPPs), will have to make an early arbitration between 3 implementation solutions.
- PSP leverages an "API HUB" to interface with TPPs
- PSP pursues its own API implementation, validation and management service
- PSP mandates an external API platform provider to implement, validate and monitor API performance
The implementation options pose significant questions to PSPs on how they become compliant and how they can ensure strong customer authentication when developing their Open APIs under PSD2.
Due to our extensive knowledge of the regulatory environment (SEPA, PSD2 directive) and the interbank payment card systems, FIME is well-placed to assist banks, fintechs and financial institutions in implementing successful Open APIs projects.