PSD2 API Banking


PSD2 is the revised PSD1,
extending, governing new payment services,
makes it accessible selected services to third parties

PSD2 API Banking


PSD2 is the revised PSD1,
extending, governing new payment services,
makes it accessible selected services to third parties

What is PSD2?

Pursuant to Act no. 281 Coll. Amending Act no. 492/2009 Coll. on payment services and transposing into the Slovak law the EU Directive on Payment Services (PSD 2) effective from 13. 1. 2018, we are publishing the following information with the view to provide access for third parties to payment accounts of payment services users (clients).

The Payment Service Directive – PSD 2 of 13. 1. 2018 known as PSD 2 is the revised PSD 1, extending and governing new payment services, primarily it makes accessible selected services to third parties (Third Party Payment Service Providers – TPP) – via three new services:

  • Payment Initiation Service (PIS) enables clients to enter a payment order by means of a payment initiation services provider (third party) from the client’s payment account held by the Bank, where the client grants consent to the execution of this payment order (the client authorises the payment order),
  • Account Information services (AISP) will enable client through a payment initiation service provider (third party) to obtain account balance and transaction history. This service is enabled after client’s consent,
  • Payment Instrument Issuer Service Provider (PIISP) enables the payment services provider (third party), on the basis of consent from the Client – account holder granted directly to the Bank, to obtain information from the Bank on available funds on the Client’s account.

Who are the third parties?

Third parties (Third Party Payment Service Providers – TPP) are the providers of payment services holding the relevant licence for providing of these new payment services granted by relevant national authority within the European Union.

Entities licensed to provide a payment service (account information services provider, payment initiation services provider and issuer of payment means linked to a payment card) must fulfil conditions pursuant to the PSD2 Regulation and guarantee the same data protection and security as banks.

It must be stated that access to the this client’s payment account will be made available only with the payment account holder’s consent.

What is the regulatory technical standard (RTS)?

This is Commission Delegated Regulation (EU) 2018/389 of 27. 11. 2017, which contains regulatory technical standards for strong customer authentication and common open communication standards developed by the European Banking Authority (EBA) in cooperation with the European Commission. The RTS will enter into effect 18 months following their approval by the European Parliament and following their issue in the collection of laws, meaning 14. 9. 2019.

What is an API?

An API (Application Programming Interface) is a communication interface that enables third parties to securely communicate with a bank. Through this interface the bank allows access to clients’ accounts to third parties in order to provide new payment services. Since the Act enables a payment services provider to select the technical method of how to ensure third-party access to a payment account, and this either by means of an API interface or by means of reading the user interface (screen scraping), the Bank can select one of these two methods, and thereby fulfil its statutory duty.

Access to the Dedicated Interface of Slovenská sporiteľňa, a.s. (“API”)