Open banking terminology
×![]()
| Term | Description |
|---|---|
| PSD2 | The Payments Services Directive V2 (PSD2) refers to the European Union Directive regulating payment services and payment service providers within the European Union (EU). Key objectives of PSD2:
|
| Open Banking | The open banking concept stems from the introduction of PSD2. It refers to the new way of ‘banking’ in which banks share the financial information of their customers, based on their prior consent, with third parties through open APIs. |
| PSP | A Payment Service Provider (PSP) is a third party offering payment services to businesses. They act as intermediaries between parties who want to make payments (e.g. consumers) and those who want to accept them (e.g. retailers, corporates). |
| ASPSP | Account Servicing Payment Service Providers (ASPSP) are payment service providers offering and managing payment accounts to Payment Service Users (PSU). In the context of Payments Services Directive V2 (PSD2), ASPSPs are required to provide access to the payment accounts, held by their customers. |
| PSU | A Payment Services User (PSU) is defined by the European Union Directive as a ‘natural or legal person making use of a payment service in the capacity of payer, payee, or both’. In the domain of PSD2 Account Information Services (AIS), a given PSU is the payment account holder for one or several accounts held by one or several ASPSPs. |
| TPP | A Third Party (payment services) Provider (TPP) is a PSP authorized by a national bank and complying with PSD2 regulation, to facilitate access to payment accounts, held by ASPSPs and to initiate payments on behalf of payment service users. A TPP can cover one or both of the following roles: Account Information Services Provider (AISP), Payment Initiation Services Provider (PISP). |
| AISP | An Account Information Services Provider (AISP) is a TPP facilitating access to account information like account balance (booked balance and available balance) and account movements. |
| PISP | A Payment Initiation Services Provider (PISP) is a TPP offering services to initiate credit transfers on behalf of a PSU, including authorization and status updates. |
| PXG | PXG is an acronym for PSD2 XS2A Gateway (the PSD2 XS2A service platform offered by Unifiedpost Payments as TPP). XS2A represents the access to accounts requirements defined by PSD2: banks need to make account information available to TPPs, allowing them to provide Account Information Services (AIS) and Payment Initiation Services (PIS). |
| AIS | Account Information Services (AIS), include:
|
| PIS | Payment Initiation Services (PIS), include:
|
| Single Payment | A single payment refers to a payment initiated from one debtor account towards one beneficiary account. |
| Bulk Payment | A bulk payment (or batch payment) refers to a payment of multiple items at once, i.e. from one debtor account towards multiple beneficiary accounts. Example: A user selecting multiple invoices to pay at once, only requiring one Strong Customer Authentication (SCA). |
| Account Holder | See the description here. |
| Mandate Holder | A mandate holder (or mandatary of a payment account) is a natural person who has certain rights on the account. In the context of PSD2, a mandate holder can:
Account holders are mandate holders of their own payment accounts. |
| Data Access Consent | A data access consent refers to a consent granted by a mandate holder of a payment account to a TPP to access information of that payment account. This consent is governed by PSD2 regulation and oversight. Example 1: A PSU grants consent to Unifiedpost Payments as TPP to access his/her account at bank X. In this case Unifiedpost Payments plays the role of AISP accessing account information of other financial institutions. Example 2: A PSU grants consent to a TPP to access his/her account at Unifiedpost Payments. In this case Unifiedpost Payments is the ASPSP allowing a third party to access account information (account balances - booked balance and available balance, account movements). In both cases, the TPP can use the information (for example to check the balance of the account before initiating a payment) but is not allowed to share it with third parties. |
| Data Sharing Consent | A data sharing consent refers to a consent granted by a mandate holder of a payment account to a TPP to share information of this payment account with a third party application. Data of one payment account can be shared with multiple applications. This consent is subject to General Data Protection Regulation (GDPR) regulation. Example: A PSU grants consent to Unifiedpost Payments as TPP to share account information of bank X with Banqup as third party application. In this case Unifiedpost Payments is the AISP sharing information retrieved at external financial institutions with a third party, the latter being Unifiedpost as owner of the Banqup application. |
| SCA | Strong Customer Authentication (SCA) is a european regulatory requirement introduced in PSD2 to reduce fraud and make online and contactless offline payments more secure. To accept payments and meet SCA requirements, multi-factor authentication needs to be built-in. Example: SCA via itsme® for online payments, Personal Identification Number (PIN) code in shops. |