The concept of open banking is one big catalyst for the banking business to achieve the digital transformation. The Banks which can implement the open banking system, allows the third-party providers to access the financial information data of the banking customers through the application programming interfaces (APIs). It is a collaboration between banks and other players within the banking ecosystem. For any consumer, API is an information to be shared between applications with their prior knowledge. Primarily the data collected and shared with third party financial institutions are for better services, lifestyle amenities and managing finances.
The various kinds of data that can be shared are like
- Product data (info about rates, fees, etc.)
- Customer data (info about phone number, email and home address, etc.)
- Account data (info about account details, balances, transactions, etc.)
- Payment transaction data (info about payment initiation, cancel payment, payment status, etc.)
How Banks facilitate Open Banking?
As banks attempt to broaden and improve their digital offerings, countries and regions have approached open banking in different ways. Europe (EU) have legislated, obliging all banks to open their data and payments—with customers’ consent—to third-party providers. The concept of open banking has accelerated with the introduction of European-led Payments Services Directive (PSD2), which enables regulated Third Party Providers (TPPs) to access customer’s bank accounts via secure APIs.
Key provisions of the Revised Payments Directive:
- Regulatory requirement for Open API (Sharing the banking data without sharing login credentials) and access to account data (Xs2A)
- Strong (2-factor) authentication mandatory across all channels. OAuth 2.0*4 is a standard likely to be used by both banks and third parties.
- Transparency of detailed information to the payer before the transaction execution like Charges, FX, dates, and execution times.
- One leg in and out transactions– A broader geographical reach where one party is outside the EU/EEA and any currency within the EU/EEA where there is no FX involved must be supported.
- Higher consumer protection– limiting payer’s liability. PSD2 also contains guidelines on complaints handling.
Who’s who in the new PSD2 world:
Temenos provides a fully integrated front-to-back API-based solution architecture which fully corresponds to the commonly accepted industry definition of an API-based technology platform for open banking
Banks acting as Payment Service Providers:
Transparency of Payment Services – All payment service providers (AS PSPs, PISPs) must provide complete information (charges, FX, dates, and execution times) to the payer before execution of the payment and should execute on payor consent. After execution, it should provide the confirmation of the payment with these details. Similarly, the payment application user for execution should provide the details of payment with a break-up to the payee.
Temenos Payment Solutions (Temenos Payment Order and Temenos Payment Suite) provides front office payment initiation and mid/back office payment execution solutions, enhanced with additional payment information before and after execution of the payment, as mandated in the PSD2.
Payments Coverage – PSD2 has widened the scope of its applicability to include “one leg-out” (OLO) payments, in any currency. They apply to payments initiated and ending in all the EU/EEA countries.
Fig: One Leg Out (OLO) Foreign Currency Payment under PSD2
Payments between PSPs in member states involving any currency other than a Member state currency, should follow the value dating rules. Payer and Payee shall pay for the charges levied by his payment service provider
Fig: Payment within EU/EEA –Other than Member State Currency under PSD2
Temenos Payment solutions will be enhanced to allow execution of payments as per the new rules, through configuration.
Payment Initiation Services – Banks can offer payment initiation services using the Temenos Payment Order solution. Temenos Payment Order deployed in Temenos frameworks, can request access to external (not within the processing Bank, TPP) account information via APIs and execute the payment orders. A payment can be simulated multiple times from the Temenos Payment Order.
Bank acting as Account Servicing Institutions:
Access to Accounts (XS2A) – Under PSD2, Banks servicing customer accounts should have the ability to provide access to account information required by PISPs and AISPs via APIs. As a mandate, information transfer happens securely through market standard APIs with 2-factor authentication for Account Servicing institutions. Temenos frameworks provide reliable, secure, and efficient access to data that can be exposed through APIs, once the standard validation checks are successful.
Customer Authentication and Security – Banks should implement 2-factor authentication for communication with TPPs. Temenos use OAuth 2.0 for authentication and authorisation.
Account/ Payment Information Services – PSD2 defines “Account information service’ as an online service to provide consolidated information (balance, transaction history) on one or more payment accounts held by the Payment Service User (PSU) with either another payment service provider or with more than one payment service provider. Banks can act as online account aggregators, on providing access to TPPs to account information via APIs. Temenos uses Temenos Interaction Framework which will offer the requested APIs under PSD2.
Temenos support for PSD2 and Open Banking Initiatives
Temenos solution is designed to meet the new requirements of open banking market. The PSD2 features embedded in Temenos Transact and Infinity assist financial institutions on their journey to PSD2 compliance.
Temenos Transact supports financial institutions across the world with open banking compliance, which assists with API requests from regulated TPPs. Temenos utilizes PSD2 specific workflows to ensure sufficient authorizations are met, enabling secure communication with regulated entities. Temenos open banking functionality covers the following such as
- Account Information Request.
- Payment Initiation Request.
- Funds confirmation
- Berlin Group (API used widely across the EU) , Uk Open Banking Standard , etc.
Temenos Infinity offers digital banking solutions with the ability to aggregate accounts, balance, and transactions from third party banks using standard open banking APIs from connection providers. The open banking aggregation with API requests to third party banks are on the following
- Consent Management
- Data Storage in Microservices
- Digital apps to guide a user through the processes and viewing aggregated data
- Utilize open banking connection providers for bank to bank API connections.
- An integrated PSD2 solution within the core banking system
- Fully integrated digital channels to support open banking aggregation
- Temenos Fabric middleware layer for easily configure and integrate any PSD2 3rd party APIs
- Visually map the PSD2 APIs and develop highly secure front-end channel applications with Temenos Quantum Visualizer
Open banking is highly driven by regulations such as PSD2 and embraced with modern technology. Temenos provides an integrated and real-time open architecture that allow banks to seamlessly collaborate with their ecosystem partners. This is a flexibility built in Temenos, which allows seamless information access through open APIs. Maveric’s promise of connected core facilitates future ready solutions endowed with encyclopaedic Temenos proficiency to aid digital banking ecosystem.