The Directive (EU) 2015/2366 (PSD2) of the European Parliament and of the Council of November 2015 in the internal market of European Economic Area restates the present regulatory framework of the payment services entirely. New measures shall be adopted and be published to comply with this Directive per EU Member States by 13. January 2018, the latest.
PSD2 establishes a fundamental change, i.e. credit institutions shall grant access to payment accounts to the newly defined players (Third Party Provider - TPP) in an objective and non-discriminatory manner, enabling them to offer payment services to formal clients of incumbent banks, directly. It enforces enhanced security measures that need to be implemented by all payment service providers (PSPs) by 2018.
In order to let fresh market entrants access to payment accounts, account servicing payment providers (ASPSPs) should apply such open application programming interfaces (API), based on international standards (e.g. ISO 20022). Those open standards should ensure the interoperability of different technological communication solutions.
In accordance with Article 98 of PSD2 Directive European Banking Authority (EBA) should develop the regulatory technical standards (RTS) to be implemented by all ASPSPs from 18 months after the date of its entry into force (estimated in December 2018).
Based on the regulation ASPSPs should enable TPPs to apply the same treatment of payment service users (PSUs) during their compulsory authentication when using services of TPPs.
The relatively short period of time to comply with the deadline set in PSD2 Directive (13. January 2018) it might cause banks possible bottleneck to get all the preparations done in due time.
Cardinal is ready and fully committed to develop the referred open API corresponding to above regulatory standards and put at disposal for its Partners provided with requisite technical documentation.
To comply with the challenges of PSD2 Directive and the following Regulatory Technical Standards by EBA we advise our Partners to deploy the newly developed Electra openAPI interface.
Considering the amount of information about banking operation gathered over more than 20 years, and the wide-spreading of the application “Electra System” throughout Hungary we are convinced that a standardized open API application could be a preference both for ASPSPs and for TPPs.
All along the configuration phase of Electra openAPI we could take full advantage of the knowledge we have gained of our banking Partners’ Back-End systems in previous implementations of Cardinal’s Electra Systems.
The interconnection of new applications with the existing Back-Ends involves the highest risk in any system implementation. In the case of Electra openAPI employment this risk element can be mitigated by our skillful professionals.
Although the Electra openAPI is a stand-alone product and operates from Electra System independently, Cardinal can take advantage to utilize its attainable components and codes.
When started the development of this gateway it was one of our main task to diminish banks’ limited resources in programming and integration.
Electra openAPI can be implemented and operated also without existing Electra System in banks’ architectural environment.
Though participants should accomplish the technical standards of RTS from December 2018 first, Cardinal designed the technical elements of the interface covering the majority of EBA enactment right from its live start in January 2018.
This is optimal both for ASPSPs and for the TPPs, as they are not compelled to amend and change the open API after 11 months again, once implemented in January 2018.
You can download the projected architecture of the Electra openAPI solution offered by Cardinal here.
Regarding some specific elements of the presented structure attached (authentication tool and method, applied repository of clients’ access management) we are open to offer some flexibility during the final construction with our Partners. Further specification of ultimate solution of each of our Partners will be performed during June 2017.