Open Banking PSD 2 How regulation is shaping
Open Banking & PSD 2 How regulation is shaping the future of banking x. CEEd Belgrade Gary Munro 18 th May 2017 1 Please copy and distribute
Agenda • Drivers for Open Banking • Regulation • Open Banking through PSD 2 • Strong Customer Authentication • Threats & Opportunities 2 Please copy and distribute
Drivers for Open Banking Regulatory Drivers • National & EU • More competition • Diversity of supply • Inclusion of underbanked • Customer expectations • Data Desire for an alternative to card schemes 3 Please copy and distribute
Drivers for Open Banking PSD 2 • Mandates Open Banking • ASPSP – Account Servicing PSP • • XS 2 A – must provide access to accounts TPP – Third Party PSP • • • PISP – Payment Initiation Services Provider AISP – Account Information Services Provider CAF – Confirmation on Availability of Funds GDPR • 4 Conflicts with PSD 2 in places, impact on data services must be adhered to Please copy and distribute
PSD 2 to Open Banking Dutch Payments Association 4 tier model • Level 1 – PSD 2 • APIs States the “What” • Level 2 – RTS • EBA – On SCA & CSC • • Strong Customer Authentication Common & Secure Communications Working Groups RTS • Level 3 – Multi-stakeholder groups • Level 4 – Market Solutions - APIs 5 Please copy and distribute PSD 2
Open Banking APIs ASPSPs API 1 API 2 API 3 …………… AISP / PISP Customer 6 Please copy and distribute API x
Open Banking APIs – Clusters? UK API Dutch API Berlin Group API No Common European API AISP / PISP Customer 7 Please copy and distribute
SCA – key to Open Banking PSP must authenticate the account holder based on 2 FA: • Knowledge • Possession • Inherence ASPSP Identify PSPs via qualified certificates SCA • e. IDAS Explicit consent from account holder for service AISP / PISP 8 Please copy and distribute
Exemptions to SCA? RTS defines a number of exceptions on need for SCA: • • Contactless <= € 50 (€ 150 cum) UAT – parking / tolls Payments <= € 30 (€ 100 cum) Transaction Risk Assessment: • Only if Reference Fraud Rates met Reference Fraud Rate (%) Transaction Value 9 Remote Card based Credit Transfers € 500 0. 01 0. 005 € 250 0. 06 0. 01 € 100 0. 13 0. 015 Please copy and distribute
PSD 2 - GDPR PSD 2 provides Open Banking through provision of data services GDPR protects individuals data Salary Utility Bill Bob Account Fee Mortgage Alice Credit Card Supermarket ASPSP AISP 10 Please copy and distribute SCA
PSD 2 - GDPR Only access data from designated payment account and related transactions. Explicit consent required from user. Open Banking APIs need to protect data. Salary Utility Bill Bob Account Fee Mortgage Alice Credit Card Supermarket ASPSP AISP 11 Please copy and distribute SCA
Open Banking opportunities Threats: • Competition from Tech titans • Competition from Challenger banks / fintechs Opportunities: • Consider strategy • • • Operating model – Customer centric not account centric Financial model Become PISP / AISP • Federated Identity providers • Partner with Fintech 12 Please copy and distribute
Questions are welcome 13 Please copy and distribute
About Consult Hyperion specialises in working out the opportunities and threats which result from the harmony and collision of security, networks and transactions. We are constantly assessing these factors, as they change continuously, and delivering ideas, solutions and products to our clients. 14 Please copy and distribute
Who do we do it for? 15 Please copy and distribute
Contact Browse www. chyp. com Follow @chyppings Mail info@chyp. com Comment http: //www. chyp. com/media/blog/ Listen http: //www. chyp. com/media/podcasts/ Consult Hyperion UK Tweed House, 12 The Mount Guildford, Surrey, GU 2 4 HN, UK. +44 1483 301793 Consult Hyperion USA 535 Madison Avenue, 19 th Floor New York, NY 10022, USA. +1 888 835 6124 16 Please copy and distribute
- Slides: 16