PSD2 and HSM as a Service

PSD2 and HSM as a Service - part 1: leveling the playing field

Certain events can drastically change an industry forever. The Revised Payment Services Directive (PSD2) mandates certain changes that has the potential to significantly alter how the payments industry operates in the EU. For commercial banks, the run up to PSD2 has meant hectic activity and restructuring of their technical processes.

However, from a business and product standpoint, there are countless new opportunities for anyone willing to think outside the box. This applies equally to the new FinTech challengers as well as the existing financial service giants. After all, turning threats into opportunities is what good business is all about.

A brief introduction to PSD2

The idea behind the Revised Payment Service Directive is to essentially create a more competitive and more secure payments sector in the EU. One aspect of PSD2 deals with stronger authentication, while the other lays the groundwork for promoting innovation. This is being achieved by mandating banks to share certain customer data with third party vendors (with the customer’s permission of course). These third-party vendors may be restricted to just having access to account data (Account Information Service Providers or AISPs), or the ability to initiate transactions as well (Payment Initiation Service Providers or PISPs). 

With this PSD2 mandated access, these AISPs and PISPs can thus offer innovative new services that were just not possible before. It is these opportunities that we will be discussing in this three-part series on PSD2 (read more on PSD2).

A level playing field

Incumbent Banks have enjoyed a significant advantage in terms of high entry barriers that exist for new entrants. These barriers include everything from complex regulatory compliance mechanisms, to vast treasure troves of data which are essential for structuring banking products and even making lending decisions. The disadvantage of these entry barriers is a reduction in innovation across the industry. To be fair, banks have always been early adopters of technology, but the industry is yet to really experience the sort of creative disruption that only new start-ups can bring.

This is the prevailing environment in which the European Commission is trying to pry open bank vaults and force them to share some basic information with third party partners (TPPs) who can then innovate on the bank’s behalf.

This obviously needs the consent of the customer while also requiring TPPs to comply with certain regulations, but it really does shake things up quite a bit. Banks themselves can take the role of AISPs and PISPs, but so can entirely new entrants into the financial service sector. This leveling of the playing field is what is expected to breathe new life into the sector and spur radical innovation.

The creation of this level playing field is where tools like HSM as a Service can really make a difference. It’s one thing to provide access, but that won’t amount to much unless the TPPs can match or exceed the level of transactional security that banks provide. This no longer requires massive upfront capital expenditures - TPPs can tap into cloud services and make use of flexible and scalable solutions for everything from storing data to utilizing Hardware Security Modules for security.

In Part 2  of our series, we shall take a deeper dive into the opportunities that this grand leveling has created for FinTech firms.

About the author

Ulrich Scholten is an internationally active entrepreneur and scientist. He holds a PhD in information technology and owns several patents on cloud-based sensors. His research on cloud computing is regularly published in highly rated journals and conference papers. From 2008 - 2015, he was associated research scientist at the Karlsruhe Service Research Institute (KSRI), a partnership by KIT and IBM, where he researched network effects around web-platforms together with SAP Research.

To find more press releases related with below topics, click on one of the keywords:

¿En qué podemos ayudarle?

Hable con uno de nuestros especialistas y descubra cómo Utimaco puede ayudarle hoy mismo.
Ha seleccionado dos tipos diferentes de Download, por lo que necesita presentar formularios diferentes que puede seleccionar a través de las dos pestañas.

Su(s) solicitud(es) de Download:

    Al enviar el siguiente formulario, recibirá enlaces a las descargas seleccionadas.

    Su(s) solicitud(es) de Download:

      Para este tipo de documentos, es necesario verificar su dirección de correo electrónico. Recibirá los enlaces a las Download seleccionadas por correo electrónico después de enviar el siguiente formulario.

      Descargas de Utimaco

      Visite nuestra sección de descargas y seleccione recursos como folletos, fichas técnicas, libros blancos y mucho más. Puede ver y guardar casi todos ellos directamente (pulsando el botón de descarga).

      Para algunos documentos, es necesario verificar su dirección de correo electrónico. El botón contiene un icono de correo electrónico.

      Download via e-mail

      Al hacer clic en dicho botón se abre un formulario en línea que le rogamos rellene y envíe. Puede recopilar varias descargas de este tipo y recibir los enlaces por correo electrónico simplemente enviando un formulario para todas ellas. Su colección actual está vacía.