A new electronic channel to provide open banking services.
The second European payment services directive No. (EU) 2015/2366 (PSD2) imposes a statutory obligation on banks and financial services providers. Under this regulation, banks have to grant Third Party Providers (TPPs) secure access
through a standard, open API (Application Programming Interface)
to account balance and account turnover information, and
to initiate and authorise payment transactions.
The European Banking Authority drafted a Regulatory Technical Standards (RTS) document for this regulation. The document provides that affected financial institutions must provide appropriate support for using APIs, implement Strong Customer Authentication (SCA) solutions, use open communication standards and monitor transactions, among other things.
The European regulation is competition- and technology-neutral. Accordingly, it does not set out mandatory API standards. Still, to support uniform operation throughout Europe, European regulatory authorities selected five API standards implementation initiatives, of which Cardinal chose the German Berlin Group – NextGenPSD2 standard, which seems to be becoming the most popular API standard in Europe, as the basis for implementing the operating logic of Electra openAPI.
To fulfil the needs of our banking partners already using other Electra channels, the openAPI product has a modular design. This allows banks to support certain elements of the services with their own solutions, while the missing functions can be implemented by interfacing Electra openAPI components. Unless the bank already has some functionality in place for its own open banking architecture (which can impose restrictions), the combination of all Electra openAPI modules can provide the entire service set* required for open banking.
Electra openAPI supports the OAuth2, decoupled and embedded authentication modes defined by the Berlin Group.
The new electronic channel also allows multiple signatures (multiple SCA), an essential functionality to manage a company’s daily finances.
*Except for the API Management Portal, which Cardinal does not deliver with its full-functionality solution at the moment.
Modular elements of the Electra openAPI channel:
Payment Initiation Services (PIS) provided through Electra openAPI:
Account Information Services (AIS) provided through Electra openAPI:
Consent services provided through Electra openAPI: