12.6. PSD2 support

What is PSD2?

With the PSD2 EU Directive - the 2nd Payment Services Directive - the European Union regulates the interaction between so-called TPPs (Third Party Provider; e.g. a fintech company) and banks through APIs.

This page documents to what extent and in what role Airlock Gateway (WAF) and IAM can support banks in implementing PSD2 standards.

Supported PSD2 Standards

There exists several frameworks standardizing how to fulfill PSD2 requirements (e.g. NextGenPSD2, STET, Open Banking Standard, etc.). Support of the frameworks in Airlock mainly depends on Airlock IAM's features.

Details about support each framework, .

Important terms

The following PSD2-specific terms may be used in this documentation and/or in PSD2 specifications.

Term
Acronym for
Description
Used as synonym in this documentation
PSD2
Second Payment Service Directive
EU law regulating interaction between banks and TPPs.
-
TPP
Third-Party Provider
fintech company
AISP
Account Information Service Provider
A TPP providing e.g. a consolidated account overview over multiple banks to users.
fintech company
PISP
Payment Initiation Service Provider
A TPP initiating payments in the bank on behalf of the user.
fintech company
ASPSP
Account Servicing Payment Service Provider
Financial institution offering payment accounts (bank accounts, credit card accounts)
bank
PSU
Payment Service User
End-user of the payment services provided by a TPP.
end-user, customer
EBA
European Banking Authority
The European banking authority.
QTSP
Qualified Trust Service Provider
Trust center issuing qualified certificates for TPPs according to eIDAS.
SCA
Strong Customer Authentication
Authenticate end-users based on two factors.
Strong authentication, 2-factor authentication
eIDAS
electronic Identification, authentication and trust services
eIDAS regulates electronic identification and trust services for electronic transactions in the EU.
-
QWAC
Qualified Website Authentication Certificate
Certficate used to secure the communication (mTLS).
-