PISP, AISP and CISP: the Third Party Providers (TPPs) introduced by the PSD2

The rise of the digitisation process has enabled consumers and businesses to access their current accounts through the channels offered by their banks, such as internet banking, apps or remote banking services. The new European PSD2 directive introduced a new category of entities, TPPs (Third Party Providers), authorised to access bank data to provide financial and payment services, given the customer consents:

• PISPs (Payment Initiation Service Providers) offer third parties the opportunity to perform a payment transaction on behalf of a buyer, subject to their authorisation, without the need for them to visit the bank's online portal. For example, a merchant can request a payment via a SEPA credit transfer with pre-filled transaction details, avoiding any manual customer errors typical of traditional credit transfers.
• On the other hand, AISPs (Account Information Service Providers) enable third-party companies to access consumer banks and obtain information about their accounts. Among the benefits is enabling consumers to have access to all the information about different accounts via a single platform and therefore have a general view of their financial situation.
• Finally, CISPs (Card Issuer Service Providers) are a third party that issues debit cards linked to bank accounts opened at another institution. CISPs do not hold the funds directly but can check the availability on the bank account linked to the debit card and can allow the finalisation of a payment for businesses.

With the introduction of these new entities, banks must provide their customers, retailers and companies with the ability to operate and access their accounts online through third parties, guaranteeing operations and without need for any specific agreement between the banks and the TPPs. This is possible thanks to APIs (Application Programming Interface), a system through which third-party services can communicate with banks and collect the necessary information in order to offer their services.

Finally, PISPs, CISPs and AISPs can considerably improve the consumers' user experience, who can access new financial and payment services through channels other than banking ones.

Big Data and Open Banking

Aside from the benefit for consumers of being able to access all the information about their accounts via a single platform, AISPs may use this data for purposes related to the service offered (always with prior authorisation via consent of the party involved).

The fundamental aspect of the creation process of new services and products is that they are tightly connected with the big data platforms of the banking and fintech world. This is how customer behaviours, preferences and needs are studied and explored - thanks to big data. Analysed data is then compared with that obtained thanks to AISPs to further personalise offers and meet the needs of every consumer. Data has to be collected in compliance with the legislations: the GDPR and the European Data Protection Board and protection of privacy and data processing have to be in line with the consent provided by customers.

PSD2, therefore, has introduced innovations in the area of payment security, with Strong Customer Authentication (SCA), and has actively contributed to the rise of new financial and non-financial solutions, with the introduction of TPPs, which are aimed to offer new opportunities to consumers and businesses, in terms of services and user experience.