Benefitting from a new regulation?
The revised Payment Services Directive (PSD2) is a new European regulation that aims to benefit all end users in the payments space, both consumers and businesses alike. How is it relevant for you?
PSD2 will increase payment service innovation without sacrificing security by requiring banks to provide a direct, secure connection to end-user accounts and transactional data for third-party systems, as well as allowing third-parties to initiate and authorize payments.
This new regulation enables bank customers to authorize third-party access to their financial information through open application program interfaces (APIs). These APIs are the key to lowering the barrier to entry and encouraging competition and innovation in payment services.
What are APIs exactly?
An API is a standardized set of requirements that governs how one piece of software communicates with another; it is an interface used by programs to interact with an application. An API is like a librarian that listens to your request for information and knows where to provide you with the information you need in a format that works for you, e.g., a book, a magazine, or a video.
In fact, you already use APIs, whether you are aware of it or not. Google’s API allows you to log in to multiple sites (Dropbox/Spotify) using your Google username. Booking.com pulls pricing information from multiple hotels at once. The “share” button on a news website uses an API to share the item to your social media account.
In the context of PSD2, an API from a third-party application can make a request with standardized input to another system and have that system perform an operation and deliver a standardized output back to the third-party application. In the financial sector, an API will require at least pre-authorized access for developers to obtain secured data. Using an authorized API, payments through a merchant site can be completed directly by allowing the merchant to access your financial information at the bank, rather than involving a credit card or payment provider to coordinate the transaction.
Unlike SWIFT messaging, which requires the SWIFT network to act as an intermediary, an API will connect platforms directly to one another, or at least allows new entrants to offer a solution without having to connect to the SWIFT network.
How safe is my information?
The Regulatory Technical Standards (RTS) will offer guidance on how to solve security issues. The final draft is expected very soon and will include:
- treatment of user’s security credentials;
- requirements for secure communication between third parties and banks;
- full details and definition of strong authentication; and
- availability of license registry for real-time identification of third parties.
After finalization, the RTS on strong customer authentication and secure and common communications will enter into force. The authentication process will include two or more of the following independent elements:
- knowledge – something only the user knows (password, pin);
- possession – something only the user possesses (key material, token); or
- inherence – something unique to the user (fingerprint, voice recognition, iris scan).
What does this mean for my organization?
The new directive will increase the ongoing innovation boom in third-party providers, which should lead to more user-friendly payment services for corporates.
We identified the top seven benefits you should start exploring now to benefit from PSD2:
- Use one digital bank to send payment initiations to multiple internet banks.
- Minimize the time spent on trade finance decisions by using up-to-date payment information instead of balance sheets and records.
- Easily consolidate account overviews with better integration and less effort.
- Readily access working capital data for better analysis and benchmarking of bank fees.
- Improve payment efficiency with automation and new services.
- Have real-time visibility of accounts across banks and territories to improve cash flow visibility.
- Quickly source data required for regulatory reporting.
Overall, PSD2 benefits end-users through consolidation.
Using one digital bank reduces your payment traffic to one location, which decreases both the costs of banking with multiple partners, along with the time required to maintain different accounts. Up-to-date payment information improves the confidence you have to make trade finance decisions while also minimizing the time required to amalgamate that data.
The consolidation of account overviews simultaneously lowers the effort to view working capital data and benchmark bank fees. Payment activity will shift toward automation services and the real-time visibility of accounts across banks in one location frees up resources for other responsibilities. Moreover, the centralization of data drastically makes regulatory reporting requirements easy to provide.