WSO2 Open Banking to Cater Open Banking and PSD2 Requirements

Open Banking is one of the major turner in the financial sector where the financial data is made available by the banks to third parties via Open APIs. It practises sharing information via electronic medium securely under the approval of the customer. Security plays a major role in Open Banking as the access is given for very confidential data. Hence the banks must ensure that these confidential data is not handed over to the wrong parties by ensuring security via extra steps.

The concept came out with the revision of Payment Services Directive also known as PSD2 which aims at regulating payment services and payment service providers throughout the European Union. The revision was aimed at promoting the use of online and mobile payments through open banking, for that banks must let the customers share their financial data, such as spending habits, regular payments and bank products used such as credit card or savings statements with other authorised providers.

Open Banking with PSD2

As explained above PSD2 gives the right to the Open Banking concept to allow the bank customers to use third parties to manage their finance. To adhere to the concept and rules, banks must expose their data via APIs under the XS2A (access to account) rule. So that the third parties who will be adhering to PSD2, can access these APIs and provide services to the banking customers. The banks have a responsibility to identify and select the best Open Banking solution that provide the requirements of PSD2 to ensure their customer trust is not at risk.

Third Party Providers (TPPs)

PSD2 encourages new players to the entire financial market and provide better services to banking customers. Third Party Providers are the authorized parties to access the financial data via the APIs.

TPPs can take ownership of the transaction entirely after getting the approval by the customer.

Third Party Providers can be of one or combination of following.

• PISP (Payment Initiation Service providers)

The PISP gets the approval from the customer and initiates a credit transfer from the specified account to the given account on behalf of the bank’s customer

• AISP (Account Information Service Providers)

The AISP provide the details of the transactions and balances of the provided accounts from different banks under the approval of the customer.

• PIISP/CBPII (Card Based Payment Instrument Issuer)

The CBPII issues cards used as payment instruments to initiate a payment transaction between the bank and the beneficiary account.

The role of WSO2 Open Banking

WSO2 Open Banking is a complete solution that provides all the technological requirements to fulfil an Open Banking platform for banks. WSO2’s API management, security and integration capabilities are embedded into WSO2 Open Banking to provide a PSD2 compliance solution with the ability to scale for different deployment patterns. WSO2 Open Banking have achieved their compliance by offering;

• Secured platform via OAuth2, OpenID and Certificate validation
• Ability to support different API specifications like Open Banking UK, Berlin Group Consumer Data Rights and STET Specification etc.
• Extended security for authentication and authorization inline with the Regulatory Technical Standards (RTS) like Strong Customer Authentication, Transaction Risk Analysis and Fraud Detection etc.
• Ease to plug to the core banking system
• API Analytics and Data Reporting to meet the PSD2 requirements for reporting

With the use of WSO2 Open Banking, banks can expose their APIs for core banking system securely and allow the TPPs to onboard to their core banking system. After onboarding trusted TPPs can access the financial data in the core banking system via the APIs and provide the data to the bank customers more securely and attractively.

For more information about WSO2 Open Banking breeze into openbanking.wso2.com.