When used in Open Banking, Account information refers to an API that gives access to account and transaction information. To gain that access there needs to be two types of authorisation. On one side, the entity accessing the API must be an authorised institution (known as an AISP). On the other side, the person or business that owns that account (called the PSU) must give the AISP permission to access that specific account.
An AISP (Account Information Service Provider) is authorised by a competent authority to access the account and transaction information of individuals and businesses who have given it permission do so. An AISP might use this access to provide a aggregation service, for example, allowing people to see several of their bank accounts in one place.
The ASPSPs (Account Servicing Payment Service Providers) are the account providers. These APIs provide access to customer account information (for example, to AISPs) and also allow third-party providers (TPPs) to initiate payments from the account provider’s customers’ accounts.
The customer must give specific permission to the entity that wants to access their account information and initiate payments on their behalf.
A card-based payment instrument issuer is a third-party card provider that enables a customer to make payments from a bank account held with an ASPSP.
In Open Banking, a Competent Authority is a regulator who can authorise entities to be ASPSPs, AISPs, TPPs and so on. The UK Competent Authority is the FCA.
The Open Banking Directory is the canonical list of providers who are authorised to take part in the Open Banking ecosystem. The directory handles authentication between registered providers.
Directory Sandbox The Open Banking Directory Sandbox provides a test instance of the real directory so that providers can test their implementations before going live. You’ll need to registered with the Open Banking Directory Sandbox in order to use the Zopa API sandbox.
The Financial Conduct Authority is the UK regulatory responsible for authorising participants in Open Banking. It is the UK’s Competent Authority.
Open Banking Limited (formerly known as the Open Banking Implementation Entity) is tasked with overseeing the delivery of Open Banking in the UK.
Open Banking is the consumer-friendly name for the UK’s implementation of the second edition of European Union’s Payment Services Directive. Open Banking oversees the regulatory and technical framework, based on the requirements of the directive, of PSD2 in the UK.
The second edition of the European Union’s Payment Services Directive sets the framework for Open Banking and similar implementations across the EU.
A Payment Initiation Services Provider is a service that uses Open Banking APIs to make a payment from a person’s bank account held at another institution, at their request.
A Payment Service Provider is any of the regulated Open Banking providers, including ASPSPs (such as Zopa), PISPs, AISPs and CBPIIs.
The Payment Service Regulations are the UK’s implementation of the second edition of the European Union’s Payment Service Directive (PSD2).
A Payment Services User is an individual or business using an Open Banking payment service.
The Primary Technical Contact is the person responsible for the management of the technical aspect of an entity’s implementation of Open Banking.
Strong Customer Authentication is the technical standard required by the EBA for PSD2 services.
Third-party providers are the people or institutions that are authorised by a Competent Authority to access customer account information (AISPs) or to initiate payments (PISPs).
The technical standards set for Open Banking (and PSD2 in general) by the Financial Conduct Authority are called the Regulatory Technical Standards.
An Open Banking sandbox provides an environment and data for testing an implementation without having to use real data or be authorised by a Competent Authority.
Access to account –– a key principle in PSD2 –– is a provision that enables third-party access to the bank accounts of individuals and businesses.