PSD2 is a directive created by the EU to promote more competition on the financial services market and strengthen security for online consumers. The directive introduces the concept of licensed external parties that can offer certain financial services to consumers: Third Party Providers or TPPs. Banks and account-holding institutions will be required to give TPPs access to transaction and account information, so they can take over the direct relationship with the customer. This dramatically reduces the barrier to entry to this market and creates a range of opportunities for TPPs. You can read more about PSD2 in our dedicated blog post.
TPP status offers great opportunities for all sorts of companies, especially those who already deal with some form of financial services such as:
To become a TPP and gain access to transaction and account information, companies must obtain an AISP (Account Information Service Provider) or PISP (Payment Initiation Service Provider) license. Both new and existing companies can apply for one or both of these licenses, as long as they meet the national PSD2 requirements of their member state.
The two types of TPP licenses reflect the activities that can be provided: services based on account information or payment initiation services. As long as the security requirements are complied with, the forms these services might take are near limitless. That way, PSD2 hopes to encourage TPPs to come up with innovative propositions that will add real value. Some examples include:
The beauty of this concept is that most TPPs are not subject to the same stringent regulatory burden as traditional banks and are typically not weighed down by the legacy IT infrastructure that constrains most banks. As a result, they can be much more innovative and adaptable, allowing them to meet market demand quickly and efficiently.
The new requirement to give third parties access to transaction data might sound like a loss for banks. However, it also gives them the chance to become more competitive and improve customer relationships. If banks choose to collaborate with innovative TPP partners or even take things in-house and apply for their own TPP license, they could offer all sorts of customer-focused services to stay one step ahead of the competition.
Of course, TPPs also need to respect some ground rules. After all, consumers are giving them access to highly personal and sensitive information. That is why PSD2 has put a number of strict security requirements in place. The directive focuses on two main areas:
To comply with these requirements, TPPs have to build a sophisticated and adaptable infrastructure. A CIAM platform offers a convenient solution, as it can help you implement things like strong customer authentication, fine-grained access control, and user analytics while allowing you to connect with banks and other payment services. You can read all about what you need to become PSD2-compliant in our dedicated article.
Onegini offers a high-quality CIAM solution: Onegini Connect. This platform is fully PSD2 and GDPR-ready, offering banking-grade security and a strong customer focus. Onegini Connect is used by companies ranging from large e-commerce retailers to insurance companies to offer a seamless customer experience and top-of-the-line integration with new and existing applications. As you prepare to become a TPP, Onegini Connect can supply the adaptable, streamlined infrastructure you need to be fully compliant and set your service-offering apart.
Looking to become a licensed AISP or PISP? We’d love to hear your ideas and explore how Onegini Connect can help propel your business to the next level. Get in touch with us today via the form below for a no-strings consultation.