TPP Identity & Regulatory checking
- Product Reviews
- 14.11.2019 11:55 am
Konsentus is the leading online, machine readable, real-time service that provides ASPSPs (i.e. Credit Institutions encompassing Banks & Building Societies, Payment & Electronic Money Institutions etc.) with Third-Party Provider (TPP) Identity & Regulatory checking services required to enable them to comply with the Payment Services Directive 2 (PSD2) open banking, commonly referred to as “access to accounts”.
What is the solution?
Konsentus provides an online, real-time TPP identity and regulatory checking services for Financial Insitutions to comply with PSD2 access to accounts, via a SaaS based platform that delivers the following functionality in support of Open Banking:
TPP Identity Verification: Konsentus verifies a TPP’s identity, using their eIDAS certificates, in real-time via the relevant Qualified Trust Service Provider (QTSP). This gives the ASPSP confidence that the TPP connecting to its Open Banking API or MCI is a PSD2 regulated service provider (i.e. proven identity).
TPP Regulatory Checking: Upon verification of the identity of the TPP, Konsentus checks, in real-time, the regulated status of the TPP on a pan EEA basis and advises the ASPSP on the payment services the TPP is authorised to provide.
Token Issuance, Verification & Management Services: Certain PSD2 schema require ASPSPs to issue consent-based Access Tokens (OAuth2.0) to TPPs. Konsentus provides real-time issuance, checking & validation, and life cycle management of Access Tokens issued on behalf of the ASPSP.
Immutable audit log: Konsentus maintains an immutable audit log of all API calls providing the ASPSP with a system of record of all actions and activity that took place should it be required to assist in dispute management.
What does the solution do?
Konsentus provides an online, real-time single consolidated source of data on all regulated financial organisations across the EEA. The data is collected from the 31 National Competent Authorities, the Official Systems of Record, and is sourced directly from their 115 registers, which contain information on the following regulated organisations: Credit Institutions (i.e. Banks), Payment Institutions, Electronic Money Institutions, Prepaid Programme Providers, eWallet Providers
Konsentus also collects data from the European Banking Authority Credit Institutions Register and the Register of Payment and E-Money Institutions under PSD2, to complement the data collected from the National Competent Authorities.
What are the key features?
· Comprehensive solution - Checks both eIDAS and regulatory status, with full European Economic Area coverage, including passporting data
· Removal of complexity – RESTful APIs remove the significant cost of integrating to multiple regulatory and eIDAS databases
· Speed of implementation - dedicated SaaS solution that can be quickly and easily deployed
· Performance - deployed as a cloud based, micro services architecture to provide scalability, throughput and elasticity
· Reliability – resilient system design across multiple AWS availability zones provides maximum availability and fault tolerant service
Our target audience is all companies who need to comply with PSD2 Access to Accounts. The regulation defines this as any payment account being in the name of the account holder and used for the execution of payment transactions. So organisations in scope include: Credit Institutions (ie Banks), Payment Institutions, Electronic Money Institutions, Prepaid Programme Providers and E-Wallet Providers