In the framework of the new Open Banking architecture, is the creation of the Account Information Service Provider (AISP).
What is AISP?
An AISP is an online service provider, that with a user’s consent can access their bank account information. This online service provider acts as a third party bridge, allowing customers to access their information from multiple banks more freely and in one place. For example, a customer holding several bank accounts can use an AISP to view all their transactions, making banking easier.
The goals of the AISP initiative are:
Increasing financial safety
One of the key priorities of the PSD2 directive is to enhance user security. Providing fintech developers with access to bank APIs will reduce the use of the screen-scraping practice. Users will no longer need to violate the contract with banks and compromise their finances as they will have the choice of using the innovative and convenient services offered by fintech firms.
Increasing the availability of financial services
Simplified user identification implemented in the Open Banking platform will allow customers to apply for financial products (e.g., loans, investments, etc.) in just one click. With the rise of aggregators, it will no longer be a traditional application but a request for a personalized offer from different suppliers. Users will be able to search for the best, or trust the recommendations of the aggregator service.
This is a consent driven model, where the AISP shows the user exactly what information they want to access and for how long (one-off, up to 90 days). Authentication takes place with the users bank where they are again shown the information they will be sharing.
Will a business therefore have access to all of my bank data and transactional history?
No. As mentioned earlier, this is a consent driven model, with all information being shown upfront. If however a user decides they want to revoke consent, they can do so via their banks online login. You may notice your bank now has a ‘shared with’ menu option, this is where you will be able to see a list of any companies you have shared your data with, and what was consented to, and also where consent can be revoked.
Can’t I do this already?
Some fintech services already offer the opportunity of working with different banks through a common interface using a “screen-scraping” connection, but this is unsafe and violates the client’s rights.
But I can continue to use this service?
No. Under PSD2, screen-scraping is to be banned in September this year.