Open Banking provides the XS2A (access to account) access interfaces (APIs) for the PSD2 regulation based on the Account Servicing Payment Service Provider (ASPSP). The XS2A interfaces of the Confero Open Banking system are implemented according to any standard of the client, for example specification “Joint Initiative on a PSD2 Compliant XS2A Interface NextGenPSD2 XS2A Framework Implementation Guidelines” 1.3.
The system provides PSD2 Core Services:
- payment initiation service — a set of services that allow third-party service providers to initiate a payment on behalf of a client. There are also services available for checking the payment status and obtaining payment information. PSD2 states that all electronic transactions must be strictly authenticated by customers, so after initiating a payment, the customer authorizes the payment with the ASPSP authorization tool;
- account information services — a set of services that allow third-party service providers to access customer accounts, balances, and transactions with customer consent;
- confirmation of funds service — a service that allows you to check whether a given amount of money is available in a particular account.
Trust Manager checks the validity of third-party certificates, including verification with the state authorities (QTSP - Qualified Trust Service Provider).
Third-party (service provider) and end users Authorisation Server is connected to the ASPSP system to authorise end users and payments, and confirm the authority to perform actions.
Stable Resource Server contains XS2A interfaces and transforms data from Berlin Group specifications' format to ASPSP data format and vice versa, as well as audits of all third party service providers’ requests and responses to them. In case of system downtime, ASPSP sends an error notification to the third-party service providers in accordance with Berlin Group’s specification.
Convenient customer portal implies registration of third party service providers and applications; Sandbox – an application developing tool that allows login to the ASPSP system and executing available services during development and testing; reporting tools.
Administration module includes administration of all third party service providers’ applications, audit log containing information regarding users activity and third party service providers’ certificate validations audit log.
