BlogVideo

LUXHUB x Axway: Open Banking, APIs & upcoming challenges

5min Read · 22 Jul 2024
open banking api

On June 11th, our Lead Architect and Head of Product Factory, Raoul Neu, participated in the third edition of France API. He was on stage with Axway’s Emmanuel Methivier: both experts focused on how APIs can help the financial services industry solve its current and upcoming (regulatory) challenges.

 

Looking back at the first years of Open Banking

The two experts first discussed the current status of Open Banking in Europe, as well as some of its challenges. “Finding the banks’ APIs is not always an easy task. It might be available on a bank’s developer portal, or as a zip file. Documentation is still a challenge”, started Raoul Neu, who also mentioned the support and reactivity of banks which differs from one to another.

Testing APIs is key for TPPs and sandboxes (testing facilities) are not always available or might not be representative of the actual production environment. “LUXHUB also has a TPP licence and often tests APIs, while sandboxes are available on its Open Banking platform,” added Raoul Neu. In fact, once successfully integrated, some APIs do not return the expected information to the consumer, which might make the TPPs’ service useless or not as efficient as expected.

On the end-user side, strong authentication processes can sometimes be a real challenge, with redirections from app to web and vice versa, and potentially causing friction.

According to the Lead Architect & Head of Product Factory at LUXHUB, “there is still work to be done to increase the adoption and the efficiency of Open Banking, which, according to the Gartner hype cycle, has actually gone through the trough of disillusion to approach its plateau of productivity”.

 

Why leverage the hub effect?

“There are several Open Banking standards in Europe, notably Berlin Group and STET. LUXHUB, as a member of both associations, always keeps up-to-date with the latest evolutions, and can therefore guide and support banks with it,” explained Raoul Neu. This is especially true for smaller banks that do not necessarily have big IT teams and do not master this complex compliance topic. LUXHUB brings its implementation knowledge and experience and can also support banks with procedures with local authorities.

“Moreover, as a hub, we work on development mutualization, and we can ensure the appropriate authentication solutions are implemented. Finally, LUXHUB manages all flows and offers a functioning sandbox,” added the expert.

 

Open Banking success stories

Raoul Neu also explained what account aggregation in the context of PSD2 was all about, and how banks could benefit from a positive image in terms of marketing, helping retain customers. He discussed the reconciliation of accounts in ERP (Enterprise Resource Planning) softwares, making it easier for companies to aggregate the different accounts as well as initiate payments directly from their ERP.

Raoul Neu then shared the example of one of LUXHUB’s clients that decided to replace paper check reimbursements by Open Banking-powered instant payments. “The outdated paper checks solution was expensive for our client but also for banks. Now, reimbursements are done directly via API when end-customers come to the counter. Flows are embedded and extremely smooth for the employees performing such reimbursements,” he highlighted.

Finally, Open Banking can be useful when having to integrate a partner, outside of the PSD2 context, but still leveraging the PSD2 APIs to enable easier, cheaper and faster integration as well as implementation.

Emmanuel Methivier then focused on API management tools and notably on API catalogs that are available for developers. He added: “when complying with PSD2, banks noticed that their information systems were already full of APIs, that were not necessarily mastered, and they decided to put in place specific guidelines, and an important inventory. Also, PSD2 APIs are often used internally, especially in bigger banking groups. Subsidiaries can more easily innovate by leveraging Open Banking APIs and create special products to specific audiences”.

 

Digital Identity & Strong Customer Authentication

The two experts then focused on digital identity, notably discussing the SCA (Strong Customer Authentication) processes which can sometimes be painful. Raoul Neu insisted on the need for banks to provide consistent user journeys and experiences, by making sure that authentication flows are efficient and smooth.

The Lead Architect shared the example of depositary banks and how Third Party Providers could access some of their information, provided they have been granted access by the end-user, obviously. “Such types of data are not made available through PSD2 as they are not payment accounts data. Today, we see some transfers through SFTP, but each bank has its own format and authentication processes, etc.” he explained. “In this context, through an API and with the required authentication, the identity of the API consumer (the TPP) could be ensured and verified, with no additional processes and in an automated way. And this could be applied to other domains, notably in the health sector with its sensitive information”.

In the near future, with Open Finance becoming a reality in Europe, the scope of data that could be accessed will be much more important, paving the way for more innovation in the financial services industry.

 

The upcoming initiatives that will reshape the financial services industry

This brings us to how the financial sector will evolve in the European Union in the months to come, with several proposals/initiatives being currently discussed and about to enter into force.

  • SPAA (SEPA Payment Account Access): this scheme aims at providing a comprehensive set of rules and standards for banks and TPPs on how to access and leverage payment account information within the SEPA area,
  • FiDA (Financial Data Access): a regulation that aims at “opening” the entire financial services industry, going further than PSD2 and payment accounts data. It introduces the concept of “compensation” for the data that will be accessed, with many discussions currently underway,
  • PSD3/PSR (3rd Payment Services Directive & Payment Services Regulation): the natural evolution of PSD2, to notably reduce fraud and introduce permission dashboards, giving end-users more control over their data,
  • DORA (Digital Operational Resilience Act): a regulation on supply chain risk management and digital operational resilience. Financial institutions will have to put in place strategies for managing the risks that their suppliers could create,
  • NIS2 (Network and Information Security 2): focusing on the sovereignty of services and aiming at improving the cybersecurity of entities that provide essential services.

 

Watch the video (in French)

 

Useful Resources See All
Press Release Six major banks in Luxembourg select LUXHUB as their VOP service provider
#PAYEE VERIFICATION PLATFORM
4min Read · 8 Apr 2025
Blog Why an Open Banking expert is the ideal partner for VOP
#Payee Verification Platform
3min Read · 6 Feb 2025
Press Release LUXHUB obtains ISO 27001 certification
2min Read · 13 Feb 2025
In the Media How FIDA opens unprecedented opportunities: 5 innovative and concrete use cases
2min Read · 25 Nov 2024