The list of PSD2 banking API standards
With PSD2 directive already in use, the banking and financial industry had to implement the new standards and deliver the required tools.
Due to numerous institutions engaged in the market, there are several different API standards that any Third Party Provider has to take into account.
As one could expect, there are different APIs used in multiple countries and led by different institutions. Here is a comprehensive list of available technologies:
Berlin Group NextGenPSD2
The Berlin Group is a pan-European initiative to deliver a comprehensive API that is both compliant with regulations and fully business actionable. This initiative is led by nearly 40 institutions, banks, banking associations, card issuers, and payment processors. The aim is to build a set of APIs that facilitate the relationship between TPPs and banks in a secure and efficient way.
The API designed by The Berlin Group provides the mandatory functions as well as some optional ones. It does not include implementation or testing environment services.
The Berlin Group initially met in Berlin, in October and currently consists of 26 major players from all Europe, as well as countries outside the European Union including Norway, Denmark, Russia and Switzerland among others.
With the Polish banking system being on the cutting edge of financial technology, it is not surprising information that there is a PolishAPI available, delivered by Polish Banking Federation and supported by commercial banks and TPPs operating on the market. The API is currently used by all major banks in Poland.
The main goal of technology is to reduce the cost of implementing the new regulations and establish common guidelines. The API is designed to be parallel to The Berlin Group’s initiative, not strictly competitive.
The Slovak Banking Association implements API focused on compliance with PSD2 guidelines and security. Similarly to the Polish solution, it covers nearly all banks operating in the country. One of the examples of the focus on security issues is disabling the bulk actions and forcing the user to choose one account as dominant and leading.
Czech Standard for Open Banking
Open Banking UK
The API delivered by the country that is on the threshold of UK (as at the time of writing) aims to keep compliance and interoperability with the banks on the continent. The initiative is driven by Competition and Markets Authority as well as nine country’s largest banks including Barclays plc, Lloyds Banking Group plc, Santander, Danske, HSBC, RBS, Bank of Ireland, Nationwide and AIBG.
It has contributed to this by delivering application programming interfaces (APIs), data structures and security mechanisms for customers to share their financial data easily and securely. The technology is available since 13 January 2018 and new functionalities are expected in the future.
The standard also provides an API for conflict management, a list of authorized TPPs, and centralized sandbox capabilities, in fact exceeding the sole compliance with the directive. The standard also provides an API for conflict management, a list of authorized TPPs, and centralized sandbox capabilities, in fact exceeding the sole compliance with the directive.
This initiative was launched by the main French clearing house, STET. It is supported by contributions from the country’s largest banks including BNP Paribas, Groupe BPCE, Groupe Crédit Agricole, Banque Fédérative du Crédit Mutuel, CIC, Banque Postale, Société Générale, Caisse des Dépôts et Consignations, Crédit Mutuel, ARKEA, HSBC France and OCBF.
These institutions will not be forced to implement the solution. It is a comparable technology to PolishAPI, where the local institutions aim to deliver a parallel solution that provides an augmentation to the dominant technology. It is working towards convergence with the Berlin Group NextGenPSD2 initiative to build a pan-European standard. The initiative focuses on the requirements of the standard and does not provide a testing environment or implementation services.
The availability of several standards and technologies is both a chance and a challenge. Any service provider willing to operate on an international market needs to be compliant with at least two, if not more, standards.
The nature of the PSD2 directive makes APIs open and available. Yet due to minor differences conflicts can occur. Partnering with bankIO is currently the most convenient way to tackle this challenge in an effortless way.