Requesting Account Information (AIS)
PSD2PSD2 stands for Payment Services Directive 2 and is a new EU regulation in effect since September 14, 2019. It governs electronic and other non-cash payments. The main provision of PSD2 is for Strong Customer Authentication (SCA), a process that seeks to make online payments more secure and reduce fraud while increasing authorisation rates. The European Banking Authority (EBA) recently extended the deadline for PSD2 compliance until December 31, 2020. defines the "Account Information Service" as an online service to provide consolidated information (balance, transaction history) on one or more payment accounts held by a PSUPayment Services User – an individual person or legal business entity making use of an Open Banking service as a payee, payer or both. with one or more payment service providers.
As it relates to an AISPAccount Information Service Provider – a TPP authorised to access consumer or business account data from the account holder's financial institutions with the account holder's explicit consent., this essentially means that, under open banking protocols, banks allow access to a customer's account data by TPPs only if the customer (PSU) explicitly gives consent (grants permission) to let the bank allow such access.
In the context of the account information queries discussed here, AISP and TPPThird-Party Provider – an authorised online service provider introduced as part of Open Banking. TPPs exist outside of the account holder’s relationship with their bank but may be involved in transactions carried out by the user. are one and the same.
The scope of analysis and service Token supports includes comparing a PSU's accounts and transaction history to a range of financial service options, aggregating data across participating financial institutions and customers to create marketing profiles, and making new transactions and account changes on the PSU's behalf.
To access Account Details, the value of supportsInformation must be true for each bank displayed to the user for selection from the GET /banks payload.
API support for accessing a PSU's account information institutes a communications flow that ensures all PSD2 mandates for PSU consent and authorisation are met.
See Base URLs.
Typically, the bank requires a user ID as the first step of the credentials exchange necessary to identify the user. Additional details may be required, as well.