PASS Open Banking Platform

Develop new banking solutions through PSD2 compliance

Open Banking API Platform

PSD2-compliant XS2A API to enable third-party providers to access customer accounts and data

More and more customers are looking for innovative banking solutions that make it easier for them to retrieve their account data and process their banking transactions. New entrants, in particular FinTechs, who are already implementing these new, user-friendly solutions, need standards for connecting to the account-holding payment service providers. The second EU Payment Services Directive PSD2 (Payment Services Directive 2) stipulates that banks as account-holding payment service providers must also grant third-party providers access to customer accounts (XS2A, Access to Account).

The PASS Banking API platform XS2A enables banks to realize both, customer requirements and those of the PSD2 directive. The requirements include the specifications of the relevant standardization bodies (such as the Berlin Group) as well as technical functions for implementing RTS (Regulatory Technical Standards) and EBA (European Banking Association) specifications. The APIs required for account access are based on the specifications of the EBA and the Berlin Group (NextGenPSD2). In close consultation with the banks, we continuously adapt the APIs to the regulatory requirements and committee specifications.

Components of the XS2A API Platform

The PASS Banking API contains the following components:
•    API Management
•    Business Logic
•    Connectors towards TPP (Third Party Provider) and ASPSP (Account Servicing Payment Service Provider/Bank)

The API Management consists of five components:

Developer portal

Developer portal

The Developer Portal contains information about how third-party developers use the APIs. Within the documentation, developers can view the structure of the APIs and test them against a sandbox environment.

Administration

Administration

The TPP Management enables the administration of third-party providers. In the Banking API, you can enter the relevant attributes of a partner and define their access rights to the APIs.

 Certificate

Certificate

Secure access and identification of third-party providers are ensured by checking certificates based on the requirements of the eIDAS regulation.

Customer authentication

Customer authentication

For strong customer authentication, the API application accesses the bank's third-party systems.

Monitoring/Analysis

Monitoring/Analysis

For ongoing monitoring of API usage, the Banking API provides data for analysis. Transactions can be tracked and historical data can be accessed. In addition, predefined reports are provided for the APIs.

XS2A API Platform Highlights

PSD2 XS2A

PSD2 XS2A

Comprehensive webservice catalogue according to the Berlin Group Standards.

API Management

API Management

Tools and additional functions, e.g. for partner management and connection or provision of own APIs.

Servicemodel SaaS

Servicemodel SaaS

Operation of the components as SaaS provider in the PASS banking data centers.

Open Banking

Open Banking

Various expansion opportunities towards an open banking platform.

PASS Web Services for XS2A

Data is transferred from the core banking system to the PASS Banking API via dedicated web services. According to the definition of the Berlin Group, the following use cases are supported:

For Account Information Service Providers (AISP)

  • Consent to retrieve account information
  • List of accessible accounts
  • Details for all accessible accounts
  • Credit balance for account
  • Transaction information for account

For Payment Instrument Issuing Service Providers (PIISP)

  • Confirmation of account coverage

For Payment Initiation Service Providers (PISP)

  • One-off payments
  • Multiple payments
  • Recurring payments/standing orders

PASS Services

Our service includes:

  • Consulting
  • Licensing
  • Integration
  • Test support
  • Software as a Service (SaaS)

Documentation of the XS2A API Platform

We provide you with user-friendly developer documentation to help you deploy our XS2A API Platform faster. Find detailed information on resources of the Banking API and a list of various data types, such as account details, account report and payment status.

Usage model of the XS2A API Platform

  Software as a Service (SaaS)
Type of use SaaS
Fee Monthly fee for use incl. maintenance and operation based on monthly requests
Further developments The customer benefits from the ongoing adaptation of the Banking API to the Berlin Group standards
Is an installation necessary? No
Optimally suited for All banks
Advantages
  • Security regarding
    • Investment protection
    • Operation in a secure environment ( banking data center)
  • Banks can concentrate on their core business
  • Easy starting point for a bank to develop towards an open banking provider