STET, a European leader in payments processing, released a new version (1.3) of its RESTFUL API (Application Programming Interface) standard which will allow Third Party Providers (TPPs) to access payment accounts in a secure way.
Created accordingly to the new Payment Services Directive (PSD2), this API aims to provide a secure and easy-to-use set of services to be implemented by European ASPSPs (Account Servicing Payment Service Providers) on the server side for:
- AISP (Account Information Service Providers)
- PIISP (Payment Issuer Instrument Service Providers)
- PISP (Payment Initiation Service Providers)
It also provides authentication, authorization, proof management and fraud detection oriented features,
This API was designed with the latest technology standards using REST, OAuth2, JSON and HTTP-signature. It also relies on ISO20022 elements for structuring the data to be exchanged between TPPs and ASPSPs and is released under an open license (Creative Commons).
STET has been involved in several working groups, especially at European level and so got the opportunity to discuss about the API characteristics, with all stakeholders: TPP, Banks, Regulators, other API initiatives…
As a result, compared with the previous version 1.2 that was published in July 2017, the new release 1.3 provides a lot of enhancements in order to:
- Comply with the new rules and constraints that were added within the final release of the RTS for SCA.
- Take into account most of the Change Requests that were addressed to STET.
- Include the convergence work that was initiated with the BERLIN GROUP XS2A API for building a unified pan-European PSD2 API and the standardisation works done with the SWIFT ISO20022 Team.
STET published this set of specifications on its web-site (https://www.stet.eu/en/psd2/). This set includes a technical “Open API” file and a detailed description of the different functionalities, which will also be explained through practical examples.
Moreover, STET will actively pursue the collaborative work with all stakeholders for the sake of having a high quality PSD2 API that will satisfy all European actors.