Account Information Service & Payment Initiation Service Providers
Regulations and Directives such as the European Payment Services Directive (PSD2) motivate banks to open up their infrastructures for third party services providers (like payment of account information services). This requires authentication of the service provider and a non-repudiable consent by the account holder.
This reform has resulted in a boom of new services and solutions, with benefits for the end-customers, banks and service providers alike. However, these open bank APIs expose data and functionality inside of their core systems. This creates new vulnerabilities for fraud and manipulation, requiring enforced security and uncompromisable IT for banks to remain compliant.
Two core types of service providers are;
❏ Account Information Service Providers (AISP) include the collection and storage of information from a customer’s various bank accounts in a single place, allowing the customer to view their financial position in its entirety.
❏ Payment Initiation Service Providers (PISP) initiates transactions using Open APIs and creates an interface to bridge from the consumer’s account to the merchant’s account (or vice versa), providing the information required to complete the transfer.
Utimaco’s banking-proven and certified payment service infrastructure offers easy-to-implement solutions with the flexibility for dynamic and continuous orchestration of new services and innovation of user experience.