Introduction
The revised Payment Services Directive (PSD2) is a data and technology-driven directive which aims to drive increased competition, innovation and transparency across the European payments market, while enhancing the security of Internet payments and account access.
Among others [PSD2] contains regulations on new services to be operated by so called Third Party Payment Service Providers (TPP) on behalf of a Payment Service User (PSU).
These new services are:
To implement these new services (subject to PSU consent) a TPP needs to access the account of the PSU. The account is usually managed by another PSP called the Account Servicing Payment Service Provider (ASPSP). To support the TPP in accessing the accounts managed by an ASPSP, each ASPSP has to provide an "access to account interface" (XS2A interface).
Responsibilities and rights of TPP and ASPSP concerning the interaction at the XS2A interface are defined and regulated by [PSD2]. In addition, more detailed requirements for the implementation and operation of the XS2A interface are defined by [EBA-RTS].
Key objectives:
Basis of the regulatory requirements are the following documents:
Berlin Group NextGenPSD2
The NextGenPSD2 Initiative is a dedicated Task Force of the Berlin Group with the goal to create an open, common and harmonised European API (Application Programming Interface) standard to enable Third Party Providers (TPPs) to access banks accounts under the revised Payment Services Directive (PSD2). In a unique partnership, participants in NextGenPSD2 are working together with the common vision that open and harmonised PSD2 XS2A interface standards for processes, data and infrastructures are the necessary building blocks of an open, interoperable market. True interoperability is an essential component of competitive pan-European PSD2 XS2A services and will contribute to further progress towards the European Single Market and benefit the payments industry in general and European consumers and businesses in particular.
While a harmonised XS2A interface is essential to enable XS2A services to mature at scale and at relatively low cost, the full PSD2 XS2A ecosystem covers other technical, functional, operational and governance domains with (sometimes optional) complementary services as well, as displayed in the following picture:
For further details see NextGenPSD2 overview here
Intesa Sanpaolo Bank Albania enables TPPs to get access to Developer Portal for the APIs technical documentation and Sandbox environment for testing. The APIs are the technical interfaces to access the services of the bank as an third party. TPPs as Company or developer wanting to use the APIs can access APIs technical documentation and the sandbox environment for testing. API is the acronym for Application Programming Interface, which is a software intermediary that allows two applications to talk to each other. Berlin Group set of APIs are designed to provide the interface that can be used to connect to ASPSPs in order to support PSD2 services like: account information services, payment initiation services, funds confirmation service.
Registration process
The registration process of a TPP goes through the following steps:
1. Register as TPP and create a user account within the Portal, in order to access the system
2. Acquiring the access credentials for API
3. For the purpose of identification,TPPs shall rely on certificates as indicated by the regulation in place.
4. Acquiring a test certificate to access the system in case the TPP is in the process of licensing and has submitted the authorization documentation to a Competent Authority
Requirements
Any TPP or developer intending to use the API published by the Bank in order to enable PSU as the Bank customer to access the services, offeres them under the following assumptions: