The Blessings of PSD2 and Open Banking
Originally published on The Paypers
The European Union's revised Payment Services Directive (PSD2) contributes to an open, fair, and secure payments landscape in Europe. Said directive introduces a variety of changes to the ways we complete payments online and facilitates the relationship between fintechs and banks. In one fell swoop, PSD2 removes a long-standing barrier to inter-company collaboration and strengthens the role of Europe in the payments industry.
So far, incumbent banks and fintechs lacked a shared technical interface via which financial data could flow. By guarding bits of information like account holder's age, address, and account status, banks made it difficult for fintechs to verify the success of payment transfers instantly. This walled-garden approach hindered the development of innovative services, with customers often “imprisoned” and, thus, forced to use suboptimal mobile banking apps, or facing difficulties when executing financial operations in multiple fiat and digital currencies.
PSD2: Introducing Open Banking in Europe
PSD2 obliges banks to offer public interfaces to their systems – commonly referred to as open banking APIs. What are the consequences of an open banking API, exactly? Fintechs can use such API to connect to the extensive and reliable customer databases of banks. The information transmitted can help the fintechs to provide creative solutions in the area of customer identification and credit scoring, and can also help enterprise merchants, independent sales organizations (ISOs), and payment service providers (PSPs) to process transactions at significantly lower costs.
Business Opportunities Brought by Open Banking API
Welcome to the world of open banking! As a technical payment service provider, we at IXOPAY wholeheartedly support this aspect of PSD2. For example, merchants in regulated industries will be able to verify if the user who placed an order is of age and meets statutory requirements to buy the goods. In terms of fraud prevention, retailers using drop-shipping can now use Open Banking APIs to check for discrepancies between addresses for invoicing (i.e. the account holder’s address) and package delivery.
Furthermore, PSD2 introduces a regulatory framework for emerging eCommerce payment services such as Account Information Providers (AISP) and Payment Initiation Service Providers (PISP). Broadly speaking, AISPs offer users aggregated online information on all of its payment accounts, while PISPs can actually initiate transactions. In other words, the directive distinguishes the ability to elicit information and the ability to undertake financial transfers: AISPs have "read-only" access to a customer's bank account, whereas PISPs have "read-and-write" access. In practice, merchants using PISPs are able to initiate payments directly from the customer’s bank account, cutting processing fees and providing instant check-out experiences.
Companies acting as an AISP or a PISP must have undergone a rigorous licensing process with financial authorities in Europe. These requirements ensure that companies respect the rights of the customers, who ultimately must remain in control of their financial data.
Customers Have The Control
Having complete control of their financial data means customers can now choose to allow or prohibit their banks from passing information to merchants and 3rd-party service providers. A stroll down a street food market in Denmark makes it clear that many are willing to share their account data. If you want to buy an ice-cream on a sunny afternoon in Reffen, Copenhagen, you likely won't search your pockets for cash. You will not wave your bank card over a terminal, either. You will, instead, unlock your phone, click on your digital wallet app, and complete an online transfer to the account of the ice-cream seller. As he hands you your cone, he will receive a notification on his phone telling him that the funds hit his account.
Fintechs occupy a special place in the digital life of today's customers. Due to their nimble nature, these companies can offer the best solution for a specific problem, wooing customers with comfort, affordability, and quick response.
Our payment orchestration platform IXOPAY is the perfect fit for gathering all those transaction sources and, at the same time, it sets the basis for our clients to be fully PSD2 compliant. As part of its services, IXOPAY supports strong customer authentication on online check-out since September 2019 and figures in the 3D-Secure 2 approved vendors' list for Visa and Mastercard.
About Jakob Geyer
Jakob Geyer, IXOPAY’s Legal Counsel, focuses on complex commercial issues in the fields of payment services, data protection, and IT-law. He joined IXOPAY in 2018 and has since continuously structured the contractual framework of the payment orchestration platform to safeguard compliance with all relevant laws. Jakob also plays a key role in training IXOPAY’s team members in data protection law and promoting a shared understanding of applicable regulatory standards. Connect with Jakob on LinkedIn.
About IXOPAY
IXOPAY is a highly scalable and PCI-certified payment management platform for White Label Clients and Enterprise Merchants. The modern, easily extendable architecture enables the orchestration of payments, provides intelligent routing and cascading functions as well as state-of-the-art risk management, automated reconciliation and settlements along with plugin-based integration of Acquirers and PSPs. IXOPAY is part of the IXOLIT Group, which was founded in 2001 and maintains national and international customers from Vienna, Austria, and Florida, USA. The owner-managed and financed company has grown to an IT specialist with over 60 experts developing innovative solutions and products.