PSD2 and HSM as a Service

PSD2 and HSM as a Service - part 1: leveling the playing field

Certain events can drastically change an industry forever. The Revised Payment Services Directive (PSD2) mandates certain changes that has the potential to significantly alter how the payments industry operates in the EU. For commercial banks, the run up to PSD2 has meant hectic activity and restructuring of their technical processes.

However, from a business and product standpoint, there are countless new opportunities for anyone willing to think outside the box. This applies equally to the new FinTech challengers as well as the existing financial service giants. After all, turning threats into opportunities is what good business is all about.

A brief introduction to PSD2

The idea behind the Revised Payment Service Directive is to essentially create a more competitive and more secure payments sector in the EU. One aspect of PSD2 deals with stronger authentication, while the other lays the groundwork for promoting innovation. This is being achieved by mandating banks to share certain customer data with third party vendors (with the customer’s permission of course). These third-party vendors may be restricted to just having access to account data (Account Information Service Providers or AISPs), or the ability to initiate transactions as well (Payment Initiation Service Providers or PISPs). 

With this PSD2 mandated access, these AISPs and PISPs can thus offer innovative new services that were just not possible before. It is these opportunities that we will be discussing in this three-part series on PSD2 (read more on PSD2).

A level playing field

Incumbent Banks have enjoyed a significant advantage in terms of high entry barriers that exist for new entrants. These barriers include everything from complex regulatory compliance mechanisms, to vast treasure troves of data which are essential for structuring banking products and even making lending decisions. The disadvantage of these entry barriers is a reduction in innovation across the industry. To be fair, banks have always been early adopters of technology, but the industry is yet to really experience the sort of creative disruption that only new start-ups can bring.

This is the prevailing environment in which the European Commission is trying to pry open bank vaults and force them to share some basic information with third party partners (TPPs) who can then innovate on the bank’s behalf.

This obviously needs the consent of the customer while also requiring TPPs to comply with certain regulations, but it really does shake things up quite a bit. Banks themselves can take the role of AISPs and PISPs, but so can entirely new entrants into the financial service sector. This leveling of the playing field is what is expected to breathe new life into the sector and spur radical innovation.

The creation of this level playing field is where tools like HSM as a Service can really make a difference. It’s one thing to provide access, but that won’t amount to much unless the TPPs can match or exceed the level of transactional security that banks provide. This no longer requires massive upfront capital expenditures - TPPs can tap into cloud services and make use of flexible and scalable solutions for everything from storing data to utilizing Hardware Security Modules for security.

In Part 2  of our series, we shall take a deeper dive into the opportunities that this grand leveling has created for FinTech firms.

About the author

Ulrich Scholten ist ein international tätiger Unternehmer und Wissenschaftler. Sie hat einen Doktortitel in Informationstechnologie und besitzt mehrere Patente für cloudbasierte Sensoren. Seine Forschung zum Thema Cloud Computing wird regelmäßig in renommierten Zeitschriften und Konferenzbeiträgen veröffentlicht. Von 2008 bis 2015 war er wissenschaftlicher Mitarbeiter am Karlsruher Service Research Institute (KSRI), einer Partnerschaft von KIT und IBM, wo er gemeinsam mit SAP Research Netzwerkeffekte im Zusammenhang mit Webplattformen erforschte.

To find more press releases related with below topics, click on one of the keywords:

Wie können wir Ihnen helfen?

Sprechen Sie mit einem unserer Spezialisten und erfahren Sie, wie Utimaco Sie unterstützen kann.
Sie haben zwei verschiedene Arten von Downloads ausgewählt, so dass Sie verschiedene Formulare absenden müssen, die Sie über die beiden Tabs auswählen können.

Ihre Download-Sammlung:

    Direkt nach dem Absenden des Formulars erhalten Sie die Links zu den von Ihnen ausgewählten Downloads.

    Ihre Download-Sammlung:

      Für diese Art von Dokumenten muss Ihre E-Mail Adresse verifiziert werden. Sie erhalten die Links für die von Ihnen ausgewählten Downloads per E-Mail, nachdem Sie das unten stehende Formular abgeschickt haben.

      Downloads von Utimaco

      Besuchen Sie unseren Download-Bereich und wählen Sie aus: Broschüren, Datenblätter, White-Papers und vieles mehr. 

      Fast alle können Sie direkt ansehen und speichern (indem Sie auf den Download-Button klicken).

      Für einige Dokumente muss zunächst Ihre E-Mail-Adresse verifiziert werden. Der Button enthält dann ein E-Mail-Symbol.

      Download via e-mail


      Der Klick auf einen solchen Button öffnet ein Online-Formular, das Sie bitte ausfüllen und abschicken. Sie können mehrere Downloads dieser Art sammeln und die Links per E-Mail erhalten, indem Sie nur ein Formular für alle gewählten Downloads ausfüllen. Ihre aktuelle Sammlung ist leer.