In Europe, Payment Services Directive, version 2 (or PSD2) deadlines are fast approaching. An opinion piece in Finextra suggests that the industry is not entirely ready for this monumental change. If you are not familiar with P2D2, here’s a brief explanation of this mandated change that impacts how financial institutions share their clients’ data:Over 4,000 European banks must open their legacy (mainframe) data stores to Third Party Players (TPP) for retrieving account information or initiating payments via APIs.Setting aside the business and competitive complexities brought by the requirement to share customer data, the security impact is massive. And that is part of the reason many banks are not prepared:Those banks, which already launched studies in context of PSD2 know that the impact of the IT and operational related issues are considerable:
• A secure API gateway with coarse grained and fine grained API authorization.
• Integration with different - often very closed - legacy systems.
• Management of the customer consents for TPPs to retrieve data.
• The technical and operational process for onboarding TPPs.
• A sandbox for TPP developers to find the documentation about the bank’s APIs and to test them.
• Providing a trained support desk to TPP developers to contact in case of integration issues.
Considering the costs and the liability assumed for not properly securing data, it is no wonder many banks are looking to provide only what is needed to become compliant and nothing more. This blogger believes this is the wrong tactic, however, and suggests that banks need to be more aggressively moving towards an open platform for the benefit of others:This could be a short-sighted strategy and the banks who adopt this approach risk missing out on future revenue opportunities, as PSD2 is just the beginning! Banks must accelerate their transformation to an Open Bank environment, offering innovative value-added customer services in several ecosystems. To help them on their journey, banks should acquire a solution to build tailored digital experiences faster and more agile and which provides a full pre-packaged PSD2 offering
Overview by Sarah Grotta
, Director, Debit Advisory Service at Mercator Advisory Group
Read the full story here