Solving the PSD2 eIDAS challenge
The Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) specify that eIDAS digital certificates must be used by TPPs for all purposes of identification to an Account Servicing Payment Service Provider (ASPSP) such as a Bank. As such, Banks need to ensure they are ready to accept eIDAS certificates that are being presented by TPPs to achieve regulatory compliance before the extension deadline in 2020.
For those committing to the regulatory demands, and for those that have stalled or are having difficulty finding a cost-effective solution, common questions and challenges arise. These questions require a solution that enables technology to meet the demands and increase revenue streams.
Do I have to deal with eIDAS?
Yes. All Account Servicing Payment Service Providers must have in place an interface that meets the requirements laid out in the Second Payments Services Directive (PSD2) Regulatory Technical Specifications. A failure to provide an interface that allows Third Party Providers to identify themselves using an eIDAS certificate may be a breach of the regulation.
No NCA exemption, what do I do?
Contact us. Provided you have met the requirements for PSD2 Strong Customer Authentication, the Raidiam Connect Gateway SaaS can be delivered in 24 hours, providing a Modified Customer Interface as described by the regulations.
How do I deliver a testing facility?
When you sign up to the Raidiam Connect Gateway SaaS, we provision two environments. These environments can be routed to your test and production internet banking or API channels. It is recommended that Account Servicing Payment Service Providers make available a set of test credentials and accounts for Third Party Providers to build their integrations against.
SCA or API programme is struggling?
Raidiam specialises in customer Identity and Access Management transformation programmes. We have delivered or assisted with the delivery of numerous digital transformation programmes for leading financial services institutions. If you’re struggling to understand the requirements and regulations or are looking for technical architecture and engineering specialists to assist you through your digital journey then Raidiam can assist.
What does it do?
Raidiam Connect Gateway is in simple terms a secure HTTP server that is optimised for regulated PSD2 access to accounts by Third Party Providers (TPPs).
When a TPP connects to an ASPSP, Raidiam Connect Gateway challenges the TPP to present an ETSI-conformant PSD2 eIDAS QWAC (Qualified Website Authentication Certificate) X.509 v3 digital certificate.
The Connect Gateway validates that the certificate is well-formed, non-expired and issued by a valid QTSP, and confirms that it has not been revoked by performing real-time Online Certificate Status Protocol (OCSP) checks. Once all checks have been performed, it completes the handshake and establishes a secure, mutually authenticated TLS connection with the TPP.
Thereafter, API requests and responses and/or online banking-based customer account data can be securely communicated between the two parties.
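The checks described above map onto standard Apache httpd mod_ssl directives. The following is an added illustration using generic mod_ssl settings, not Raidiam Connect Gateway's own configuration; the hostnames, file paths, header names and the reverse-proxy arrangement are placeholders and assumptions.

```apache
# Added example: generic Apache httpd 2.4 mod_ssl settings (requires mod_ssl,
# mod_headers, mod_proxy, mod_proxy_http). All names and paths are placeholders.
<VirtualHost *:443>
    ServerName gateway.aspsp.example

    SSLEngine on
    SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCertificateFile    /etc/pki/tls/certs/gateway.example.crt
    SSLCertificateKeyFile /etc/pki/tls/private/gateway.example.key

    # Challenge the TPP for a client certificate and abort the handshake
    # without a valid one. "optional" or "optional_no_ca" would let requests
    # reach the backend without a verified certificate.
    SSLVerifyClient require
    SSLVerifyDepth  3

    # Trust only the QTSP issuing CAs the operator has selected, never the
    # general-purpose system CA bundle. Chain building against this file also
    # rejects malformed and expired certificates.
    SSLCACertificateFile /etc/pki/tls/certs/qtsp-trust-anchors.pem

    # Real-time revocation check against the responder named in each
    # certificate of the client chain.
    SSLOCSPEnable on
    SSLOCSPResponderTimeout 5
    SSLOCSPResponseTimeSkew 300
    SSLOCSPUseRequestNonce on

    # Drop any client-supplied copies of the identity headers first, then
    # pass the verified identity to the backend (assumed header names).
    RequestHeader unset X-TPP-Subject-DN
    RequestHeader unset X-TPP-Verify
    RequestHeader set X-TPP-Subject-DN "%{SSL_CLIENT_S_DN}s"
    RequestHeader set X-TPP-Verify "%{SSL_CLIENT_VERIFY}s"

    # Assumed backend: the ASPSP's API or internet banking channel.
    SSLProxyEngine on
    ProxyPass        / https://backend.internal.example/
    ProxyPassReverse / https://backend.internal.example/
</VirtualHost>
```

The backend should accept the identity headers only from the gateway's own address, since anything else reaching it directly could set them freely.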
How it works
As an enabler, Raidiam Connect Gateway gives CISOs, CIOs and other strategists the option to realise further benefits alongside achieving regulatory compliance.
The ‘Light Touch’ integration with various technology stacks provides flexibility to be compatible with whatever technology choices and implementation you have.
The gateway is designed to be easily transferable across any technology and to provide frictionless integration points, so that an environment can be stood up or taken down in an instant to validate conformance to the eIDAS regulatory challenge.
Sounds Great! What do I need?
Very little. The Raidiam Connect Gateway was designed to solve the specific issue of PSD2 eIDAS certificate acceptance and validation. Based on Apache, the solution requires nothing more than a pair of Red Hat variant servers and a Network Load Balancer.