February 8 2018
Berlin Group publishes Version 1.0 of the NextGenPSD2 Framework
Today, the Berlin Group has published Version 1.0 of the NextGenPSD2 Access to Accounts (XS2A) Framework that enables Third Party Providers (TPPs) to access bank accounts under the revised Payment Services Directive (PSD2). Version 1.0 integrates extensive public market consultation feedback and is based on the European Commission adopted European Banking Authority (EBA) Regulatory Technical Standards (RTS) for Strong Customer Authentication and Common and Secure Open Standards of Communication.
As the European financial industry opens up access to account information under PSD2, the NextGenPSD2 Framework offers a modern, open, harmonised and interoperable set of Application Programming Interfaces (APIs) as the safest and most efficient way to provide data securely. The NextGenPSD2 Framework reduces XS2A complexity, addresses the problem of multiple competing standards in Europe and, aligned with the goals of the Euro Retail Payments Board, enables European banking customers to benefit from innovative products and services (‘Banking as a Service’) by granting TPPs safe and secure (authenticated and authorised) access to their bank accounts and financial data. The APIs support the PSD2 required account information (AIS), payment issuer instrument (PIIS) and payment initiation (PIS) services and are built on RESTful, OAuth2 and JSON standards, relying on ISO20022 standards for the data elements to be exchanged.
The Berlin Group believes that open and harmonised PSD2 XS2A interface standards for processes, data and infrastructures are the necessary building blocks of an open, interoperable market. True interoperability is an essential component of competitive pan-European PSD2 XS2A services that will contribute to further progress towards the European Single Market and benefit the payments industry as well as European consumers and businesses alike.
The NextGenPSD2 Framework aligns with market requirements as expressed in the market feedback from the public market consultation of October/November 2017 for which a total of approximately 1,000 market comments from 59 organisations have been processed. The Framework also integrates applicable legislations and regulations as it is based on the European Commission adopted EBA RTS version (adopted on 27 November 2017). The NextGenPSD2 Framework Version 1.0 comprises Operational Rules and Implementation Guidelines and is ready to be used by banks and TPPs for implementing PSD2-required bank account access.
The NextGenPSD2 Framework will be available for download on the Berlin Group website (www.berlin-group.org/psd2-access-to-bank-accounts) on 8 February 2018. As a next step, the documentation of Version 1.0 will be extended with an OpenAPI technical specification a few weeks later.
NextGenPSD2 is an open, ad-hoc, pan-European industry standards coalition of 43 organisations operating across all EU Member States and representing a diverse cross-section of the European banking and payments industry. The initiative is not bound to a specific (community of) bank(s) or processor(s) and brings non-competitive shared technical and organisational interests together with heterogeneous stakeholders. The initiative is open for cooperation or liaison with other relevant Open Banking initiatives and for further participation by European banks, banking associations, payment associations, payment schemes and interbank processors. NextGenPSD2 has been created in the spirit of an 'open source' initiative: each participant covers their own costs (there are no membership fees); any possible intellectual property rights associated with the results of this interoperability work are intended to be put into the public domain so that they can be used freely.
A full list of participants, with their company logos, can be found at www.berlin-group.org/psd2-access-to-bank-accounts.
About the Berlin Group
The Berlin Group is a pan-European payments interoperability standards and harmonisation initiative with the primary objective of defining open and common standards in the interbank domain. The Berlin Group first met in Berlin in October 2004. Participants include banks, banking associations, payment associations, national and international payment schemes, and interbank processors working in SEPA. Other standards that have been delivered so far are in the area of card payment processing and Mobile P2P Interoperability. More information can be found at www.berlin-group.org.
Background PSD2 legislation and Access to Account
In Europe, regulators have been the drivers for introducing bank data-sharing and promoting open banking interfaces. The revised Payment Services Directive (EU 2015/2366, also known as PSD2) introduces new 'payment initiation' and 'account information' services, operated by regulated Third Party Providers (TPPs) and enabled via a dedicated Access to Account (XS2A) Interface between banks and TPPs. Further requirements on the implementation and usage of this XS2A Interface have been defined by a Regulatory Technical Standard (RTS) prepared by the European Banking Authority (EBA).
Neither PSD2 nor EBA-RTS require the XS2A Interfaces of all banks to be based on a single standard. This might lead to the problem of multiple competing standards in the market. With thousands of banks and TPPs in Europe, the development, implementation, documenting, testing and maintenance of proprietary, bank-specific XS2A communication standards would involve substantial investment and IT efforts for the whole market. All the more so, given market expectations regarding the safety, performance and future innovation potential.