Maurizio Garzelli is the Chief Technological Officer of apiida. apiida are API management experts. The company is from Germany.
This article is about the hurdles and challenges of open banking and PSD2.
Classical banking is a closed ecosystem. Banks are companies. They have their systems. Any FinTech that wants to connect to a bank to give their customers a good user experience regarding payment or account management will have to integrate themselves with the bank. The connection is based on the bigger fish (Bank or FinTech). So there is no standardization. The TPP must be approved, registered, and audited by each bank. There is a lack of a global financial grade API specialized team because every bank institution has its own APIs.
With the introduction of open banking, this has changed. The bank becomes a closed but also open ecosystem because of the standardized open API interface. TPP can be centrally registered. So the TPP doesn’t need to go to every bank to show who they are and why they are good. The registration holds at the legal, regional, and national levels. Banks do not need to make their own security checks. They can check for the validity of the certificate.
We can use reusable logic and APIs. It will be financial grade API compliant as the team that looks after standards is a national or global team. The bank doesn’t need to have its own experts; they can look outside the bank for that, reducing costs.
It starts with the TPP, which needs to talk to the national authority and get registered. The National Authority will audit that the TPP is valid. Then they would go to the QTSP. They will get a digital certificate proving that the TPP is who they are with their claims. Once that’s done, the PSU can delegate banking, account information, or payment initiation actions to the TPP. The ASPS should have a management interface for the PSU, just like in OAuth.
Open Banking – Challenges and hurdles
Central Authority –
- A central authority needs to be established.
- The API framework needs to be as open and secure as possible
- QTSP and TPP auditing framework needs to be in place.
- Integrate their existing bank APIs with Open Banking Standards.
- Integrate and adapt the authentication and authorization process.
- Have a consent and authorization management system in place for the PSU.
- Implement TPP verification logic and functional checks.
- Develop a sandbox for early adoption.
- Implement the TPP logic in their own app.
- Demonstrate AISP and PISP functionality for QTSP and NA.
Solution pack from APIIDA
The solution pack is a package that includes both the logical framework and expert services to help plug in the solution for the banks and TPP. This solution pack has been developed for faster time to market and to ensure the banks’ compliance with set standards. It can also be customized and adapted to any changes within these standards.
We also provide expert services. Expert services can help central authorities with API frameworks. Newcomers may need expert help to adapt to the standards. We cannot help set up central authorities or legal or auditing frameworks.
We try to be as holistic as possible with our offerings to help overcome any challenges and hurdles that banks or TPPs have in adopting the frameworks from their own open banking standards.
- Faster time to market– Faster time to market is not just an advantage and an economical advantage over the competition; it is how quickly you can be operational in the market.
- Compliance to Standards
- Integration with an API framework
- Expert Services
- CI / CD and operations automation
To conclude, apiida has a solution to seamlessly address hurdles of open banking and future hurdles with a maintainable solution.