Have you ever found yourself conversing with industry professionals (pick any industry), and it feels like they’re all talking in code? A secret ...
7 min. read
5 May 2023
Have you ever found yourself conversing with industry professionals (pick any industry), and it feels like they’re all talking in code? A secret language that you have to decipher to understand what’s going on! Corporate jargon, slang, terminology, and buzzwords – are inherent in every business.
But there are some industry-specific terms, especially acronyms, that only banking and tech insiders know and use. We call it “technobabble.” And, the truth is, you won’t find them anywhere as much as you do in the world of fintech. We love ourTPPs, PSPs, PISPs, AISPs, ASPSPs, EMIs, BNPLs, PFMs, and SCUs.In the open banking space alone, there are enough acronyms to make your head spin. To make matters even more challenging, some of the technobabble tends to be market specific. What could mean one thing in Saudi Arabia can have a different spin in Bahrain – especially regarding regulatory terminology.
But rest assured, once you understand them all, you too can speak like an industry insider. And to help you get started, we’ve compiled a list of the most common acronyms in open banking.
The open banking glossary you need
To make it easier for everyone in the industry, old and new alike, we’re dividing all the acronyms into three different buckets:
These businesses, companies, and customers use, or offer, fintech services linked to open banking.
ASPSPs and PASPs
Short forAccount Servicing Payment Service Provider. ASPSPs are organisations that open and maintain payment accounts for customers. In other words, a bank. But there are other ASPSPs as well. Electronic money institutions (EMIs) that allow customers to open a mobile money account through which they can make payments are ASPSPs as well.
PASP is short forPayment Account Service Provider.A PASP is the same as an ASPSP in that it maintains payment accounts for customers. The only difference between the two is who uses them. In Saudi Arabia, PASP is the go-to term whereas in the UK, EU, and Bahrain, regulators and industry insiders have adopted ASPSP. Simple as that!
Short forAccount Information Services Provider. AISPs are intermediaries that use open banking to enable sharing of customers’ transaction data (think of transactions that are initiated when you buy a product through a checking or savings account, for example) between the customers’ bank and other financial institutions and fintechs. And this data transfer takes place with the customers’ permission. They authorise it. The AISP connects the fintechs or FIs with the bank in real time, and they collect the required account transaction data instantly. But that’s it. AISPs cannot initiate payments and only access transactional information.
Short forPayment Initiation Services Provider. PISPs are the payment intermediary customers can use to pay a seller directly through their bank account or any other ASPSP (remember that?). PISPs allow customers to initiate online payments without having to use a credit or debit card. How do they do this? Through open banking technology, of course.
Short forPayment Service Provider. A PSP is a third-party company that provides the infrastructure for all types of online payment methods. In several places, to be a PSP, one needs a license. In KSA, for example, theSaudi Central Bank (SAMA)defines a PSP as ‘any entity licensed by SAMA to provide one or more payment services in the Kingdom.’ But what exactly does a PSP do?
Let’s say a customer wants to pay for a purchase on Amazon with their debit card. Between them entering the card details and receiving payment confirmation, several things happen at the back end. The PSP manages these processes, including the authentication of the card details and communicating with the issuing bank to confirm if the customer has enough money. All this happens within seconds, and the PSP is the magician behind the curtain.
It’s easy to confuse PSPs with PISPs. Remember, the latter uses open banking tools to deduct money from a customer’s bank account directly and pay the seller with the customer’s permission. A PSP can do thatand/orenable payments through other methods and rails as well, such as debit and credit cards. This means, all PISPs are PSPs but not all PSPs are PISPs. Read that again…but slowly.
Short forThird-Party Provideris perhaps the most common out of all open banking-related terms. TPPs are primarily licensed organisations or people that use open banking APIs (we’ll get to that in the next section) to provide account information or payment initiation services. As we’ve learnt above, these are our AISPs and PISPs. We are aSAMA-licensed TPP providing AIS services in KSA and a CBB-licensed TPP providing AIS and PIS services in Bahrain!
Short forTechnical Service Provider.TSPs are TPPs with a regulatory licence to build, manage, and provide open banking tools and services. They can use these tools to provide AIS and PIS services (we’ll cover these in a bit) themselves or power other AISPs and PISPs. TSPs are essentially open banking technology providers.
Short forPayment Service User. They’re the natural and/or legal person that make a purchase online and pay for it through a Payment Service Provider (PSP). They can either use a PSP that facilitates card payments or a PISP that uses open banking APIs to enable direct payments from the bank account. In short, a PSU is a customer of PSPs.
Services & Technology
The acronyms highlighted here are used to refer to different open banking tools, related processes, and services that use open banking.
Short forOpen Banking. In very simple terms, it’s a new way of banking where the customer owns and controls all of their financial information and data. And through secure open banking APIs, whomever the customer provides permission to, can access this data freely. Banks will have to share the data. This way of banking is highly regulated – who uses customer data and how they use it is clearly governed.We’ve unpacked what open banking is and how it works in a separate article.It’s worth the read to get a better idea of things.
Short forApplication Programming Interface.APIs are communication protocols that connect two parties virtually to enable data transfers between them. APIs are the holy grail of OB. Built and provided by TSPs, APIs allow TPPs to connect with ASPSPs, such as a customer’s bank, to access their account information. And because you now know what these acronyms mean, you can understand what we are saying!
Short forAccount Information Services. RememberAISPs? The services they provide are categorised under AIS. AIS allows for sharing and collection of account information and transaction data. They don’t enable payments.
Short forPayment Initiation Services. RecallPISPs? The services they provide come under the PIS umbrella. It’s simply a payments initiation – a way for PSUs to make payments directly from their bank account using an open banking API tool.
Short forPersonal Finance Management.This is an umbrella term for fintech tools and services that give customers visibility into their transactions across all their bank accounts. People can use these applications to manage their finances, budget, save, and invest smarter. Open banking-enabled Account Information Services or AIS have reinvented PFM services – Here’s howthey do it!
Short forStrong Customer Authentication.Data security is a key feature of open banking. Several regulatory standards, protocols, and practices make open banking technology safe. SCA is one of them. It’s an authentication system that uses a combination of two or more protection elements. There are three main types of elements.
Knowledge – something only the user knows. For example, a password.
Possession – something only the user has and can access. For example, a phone device or number.
Inherence – something that’s part of the user’s physical body. For example, their fingerprint or iris pattern.
In line with SCA, if one of these elements is compromised, the others remain intact. This authentication protocol is used in open banking whenever a TPP asks the customer for consent to access their account information and transaction data and/or initiate payments.
Short forSoftware Statement Assertion. These are items that TPPs need to provide banks as verification to be onboarded as a participant in the bank’s open banking ecosystem. As a verified participant, the TPP can then onboard and gain access to the bank’s APIs.
Short forSingle Domestic Payment. This is an open banking use case for PISPs. It’s a one-time-only direct domestic bank-to-bank payment in the local currency authorised by the PSU.
Short forVariable Recurring Payments.This is another PISP use case. As opposed to SDPs, VRPs allow PSUs to authorise a PISP to initiate recurring payments from their bank account. It’s more transparent and safer than a direct debit.
The Regulatory Ecosystem
Open banking is highly regulated worldwide. There are several regulatory frameworks and authorities governing the use of OB tools and services by different market participants. Naturally, there are several acronyms that we use to refer to these frameworks, directives, and authorities. Take a look:
Short forPersonal Data Protection Law.PDPL is the data law in Bahrain, applicable to any company that processes and uses the personal data of customers. How the data is collected, stored, and used is regulated under PDPL.
Short forOpen Banking Implementation Entity.OBIE is a regulatory organisation set up by the UK’s nine largest banks to oversee the implementation of the open-data standards outlined in PSD2.
Short forPayment Services Directive 2.PSD2 is the second edition of the EU directive that regulates payment services and PSPs across the EU and EEA. PSD2 is the EU’s main open banking regulation.
Short forFinancial Sector Development Programme.As part of the Saudi Vision 2030, FSDP aims to develop and diversify the Saudi financial sector. Open banking is essential to the success of the programme.
Perhaps our favourite acronym of all – used widely (and very generically) across multiple use cases. Short forKnow-Your-Customer.KYC is a security protocol that verifies the ID of the customer. Any ASPSP must carry out a KYC as part of the anti-money laundering (AML) regulations before opening an account for a customer. KYC is also completed in other instances, including when initiating payment transfers.
Kickstart your open banking journey and start integrating with us!
Well, there you have it – a detailed understanding of the acronyms that hold up our industry. The next step is to sign up to ourTG Developer Portalto access a wealth of tools, resources, and guides that will help you get started with your open banking journey.
Whether you’re an experienced developer or just starting out, our platform provides you with all you need to create and test impactful financial solutions that will set your business apart.