What does PSD2 mean for Third Party Providers?

Author: Thomas Bröker

Last updated: October 8, 2018

PSD2 has levelled the playing field for external service providers dealing with the financial services sector. However, with the new official status of these Third Party Providers (TPPs), it has also introduced a number of new ground rules. Opportunities for TPPs abound, without question, but how can TPPs prepare themselves to take maximum advantage?

What is PSD2?

PSD2 is a directive created by the EU to promote more competition on the financial services market and strengthen security for online consumers. The directive introduces the concept of licensed external parties that can offer certain financial services to consumers: Third Party Providers or TPPs. Banks and account-holding institutions will be required to give TPPs access to transaction and account information, so they can take over the direct relationship with the customer. This dramatically reduces the barrier to entry to this market and creates a range of opportunities for TPPs. You can read more about PSD2 in our dedicated blog post.

Who can become a Third Party Provider under PSD2?

TPP status offers great opportunities for all sorts of companies, especially those who already deal with some form of financial services such as:

To become a TPP and gain access to transaction and account information, companies must obtain an AISP (Account Information Service Provider) or PISP (Payment Initiation Service Provider) license. Both new and existing companies can apply for one or both of these licenses, as long as they meet the national PSD2 requirements of their member state.

What does PSD2 mean for Third Party Providers?

The two types of TPP licenses reflect the activities that can be provided: services based on account information or payment initiation services. As long as the security requirements are complied with, the forms these services might take are near limitless. That way, PSD2 hopes to encourage TPPs to come up with innovative propositions that will add real value. Some examples include:

  • Merchants taking the payments process in-house for a smoother customer experience
  • Apps that offer an overview of all your accounts across different banks
  • Insurance companies offering instant insurance cover based on recent purchases
  • Apps that help you save money based on your spending patterns
  • Banks offering quicker and more secure B2B loans

The beauty of this concept is that most TPPs are not subject to the same stringent regulatory burden as traditional banks and are typically not weighed down by the legacy IT infrastructure that constrains most banks. As a result, they can be much more innovative and adaptable, allowing them to meet market demand quickly and efficiently.

Banks and TPPs: a match made in heaven

The new requirement to give third parties access to transaction data might sound like a loss for banks. However, it also gives them the chance to become more competitive and improve customer relationships. If banks choose to collaborate with innovative TPP partners or even take things in-house and apply for their own TPP license, they could offer all sorts of customer-focused services to stay one step ahead of the competition.

Security Implementation

Of course, TPPs also need to respect some ground rules. After all, consumers are giving them access to highly personal and sensitive information. That is why PSD2 has put a number of strict security requirements in place. The directive focuses on two main areas:

  • Strong customer authentication
  • Secure communications

To comply with these requirements, TPPs have to build a sophisticated and adaptable infrastructure. A CIAM platform offers a convenient solution, as it can help you implement things like strong customer authentication, fine-grained access control, and user analytics while allowing you to connect with banks and other payment services. You can read all about what you need to become PSD2-compliant in our dedicated article.

How Onegini can help you

Onegini offers a high-quality CIAM solution: Onegini Connect. This platform is fully PSD2 and GDPR-ready, offering banking-grade security and a strong customer focus. Onegini Connect is used by companies ranging from large e-commerce retailers to insurance companies to offer a seamless customer experience and top-of-the-line integration with new and existing applications. As you prepare to become a TPP, Onegini Connect can supply the adaptable, streamlined infrastructure you need to be fully compliant and set your service-offering apart.

Get started on your TPP infrastructure today

Looking to become a licensed AISP or PISP? We’d love to hear your ideas and explore how Onegini Connect can help propel your business to the next level. Get in touch with us today via the form below for a no-strings consultation. 

Get in touch with us