NCR Wins Four GOOD DESIGN™ Awards
How Authentic can aid the transition to PSD2 and open APIs
PSD2 was designed with a number of key goals in mind. The European Commission wants to create a more competitive payments industry, with a wider range of services available to consumers and higher levels of customer protection and security.
In terms of the everyday operation of financial services, two of the most significant changes coming into effect with PSD2 are the enablement of payment initiation service providers (PISPs) and account information service providers (AISPs). Customers will be able to give these third parties permission to initiate payments on their behalf or access their bank account data for purposes such as product comparison.
What this means in practice for banks is that they will be required to use open APIs (application programming interfaces) - sets of functions and procedures that will allow third-party access to customer data and to request payments on behalf of the customer. This is a big change, but there are solutions available to help banks handle this transition as smoothly as possible.
Handling API requests with Authentic
If your business is looking for a technology solution that will make handling transactions and requests via APIs much easier, Authentic, NCR's transaction-processing platform, could be the answer.
An API is essentially a system that transports a message into a bank, and Authentic can give you the tools required to extract the necessary data from that message and determine what steps are required to complete the request.
What's more, the technology can provide connections to the relevant systems within the bank that can provide the information required to fulfil the incoming request or transaction.
Putting this in context of PSD2, the legislative changes will see AISPs requesting data from a number of core systems within banks. Similarly, payment requests coming from PISPs will have to engage with banks' card systems or faster payments infrastructure to execute the transaction.
Authentic is designed to enable these connections with various external systems and deliver a clear workflow for completing and responding to requests arriving via APIs.
The technology is already showing its worth for the financial services industry, with a top ten US bank seeing results after deploying Authentic as its main system for connecting with internal and external systems and publishing those services as APIs.
The broader picture for APIs
There's no doubt that APIs are growing in importance as a core component of how the banking industry functions today and how it will evolve over the coming years.
The PSD2 legislation will make this technology a much more prominent part of financial services in EU member states, but we're also seeing markets like Singapore and Australia push the concept of open banking. These efforts to open up the banking industry and increase competition will be driven by open APIs.
There are still some questions to answer - around authentication and security, for example. When it comes to AISPs using APIs to request account information from banks, more clarity is needed on how the bank confirms that the provider has the customer's permission to access their data.
But as long as regulators and the industry can find satisfactory answers to these sorts of questions, we can expect to see open APIs becoming an increasingly important element of financial services - and indeed many other industries - in the years to come.