Що пропонує Golden Dimension?

Ми глибоко переконані в тому, що знайденні нами шляхи вирішення проблем наших клієнтів є найкращими з огляду як на потреби кожного окремого клієнта, так і на існуючі пропозиції на ринку. Незалежно від поставленої задачі:  модернізація існуючої опції або розробка повністю нової бізнес-моделі – комплексні рішення і багаторівнева співпраця на етапі розробки і впровадження гарантують досягнення очікуваних результатів.

XS2A

What is the XS2A?

З моменту прийняття Європейською Радою Другої Платіжної Директиви (PSD2), постало питання щодо втілення усіх передбачених вимог. Головною ціллю стала розробка та використання інтерфейсу для доступу до рахунків клієнтів — Access to Account Interface або скорочено XS2A Interface.

Серед іншого PSD2 містить регуляцію нових сервісів, що надаватимуться третіми особами-постачальниками послуг (TPP — Third Party Payment Service Providers) від імені клієнта (PSU – Payment Service User). Ці нові сервіси включають в себе:

  • Сервіс проведення платежів (Payment initiation Service)
  • Сервіс з надання інформації по рахункам клієнта (Account Information Service)
  • Підтвердження наявності коштів на рахунку (Confirmation of the Availability of Funds Service).

Для надання нових фінансових послуг провайдери (далі по тексту TPP) повинні мати доступ до рахунків клієнтів (далі по тексту PSU), утримання та керування яких зазвичай здійснюється іншим учасником фінансового ринку – провайдером з надання платіжних послуг, тобто банком (Account Servicing Payment Service Provider — ASPSP).

Як бачимо з малюнку нижче, банк має надати інтерфейс (так званий PSD2 compliant Access to Account Interface або скорочено XS2A Interface), який TPP буде використовувати для необхідного доступу до рахунків, що регулюється Директивою PSD2.

Наша компанія ТОВ Голден Дайменшин разом з німецьким партнером adorsys.de, займається розробкою Open-Source продуктів, та має неоціненний досвід з впровадження та підтримки власного рішення XS2A інтерфейсу. Наразі вже 53 Європейські банки використовують наш XS2A interface, разом з пісочницею для тестування (Dynamic Sandbox), Коннектором (XS2A Connector) та Адаптером (XS2A Adapter) для інтеграції в свої робочі системи.

Це відкриває перспективи перед нашими партнерами та клієнтами мати відкриті інтерфейси, що відповідають Другій платіжній директиві (PSD2 compliant), а також першими отримувати передові рішення в розробці програмного забезпечення та постійну підтримку на будь-якому етапі впровадження.

 

 

 

Since the adoption by the European Council of the Second Payment Directive (PSD2), the question arose about the implementation in order to meet all of the requirements. The main goal was to develop and use Access to Account Interface or XS2A Interface for short.

Among other things, PSD2 includes the regulation of new services provided by Third Party Payment Service Providers (TPP) on behalf of the client (PSU-Payment Service User). These new services also include:

  • Payment Initiation Service
  • Account Information Service
  • Confirmation of Availability of Funds Service.

To provide new financial services, providers (hereinafter referred to as TPP) should have access to client accounts (hereinafter referred to as PSUs), maintenance and management, usually performed by another financial market participant, the Payment Service Provider, the Bank (Account Servicing Payment Service Provider — ASPSP)

As we see from the figure below, the bank must provide an interface (called PSD2 compliant Access to Account Interface or XS2A Interface for short) that TPP will use for the required access to accounts, regulated by the PSD2 Directive.

LLC Golden Dimension together with our German partner adorsys.de, develop Open-Source products, and has priceless experience in implementing and maintaining its own XS2A interface solution. Currently, 53 European banks are using our XS2A interface, along with a testing sandbox (Dynamic Sandbox), Connector (XS2A Connector) and Adapter (XS2A Adapter) for integration into their operating systems.

This opens up prospects for our partners and clients to have open interfaces that comply with the Second Payment Order (PSD2 compliant), and are the first to get advanced software development solutions and ongoing support at any stage of the implementation.

Dmytro Storozhyk

Co-Founder, Product owner at GoldenDimension

XS2ASandbox

XS2ASandbox by adorsys GmbH & Co. KG and LLC Golden Dimension

The Payment Service Directive 2 (PSD2) instructs banks (those who play role of Account Servicing Payment Service Providers or ASPSPs) to provide a fully productive Access-to-Account (XS2A) interface to Third Party Providers (TPPs) until September 2019. XS2A itself consists of banking services to initiate payments (PIS), request account information (i.e. art of account, balances or transactions) (AIS) and get the confirmation of the availability of funds (PIIS). In order to guarantee the compliance to this deadline due to adaptations and bugs, PSD2 forces the banks to provide a functional dynamic sandbox offering the same XS2A interface in a non-productive environment 3 months upfront (this time — until 14-th of June 2019).

Understanding the importance to banks of implementing this roadmap, adorsys GmbH & Co. KG, together with LLC Golden Dimension, released open sourced (published under Apache license) version of XS2A Service (https://github.com/adorsys/xs2a) and corresponding Sandbox (https://github.com/adorsys/XS2A-Sandbox) that fully meets PSD2 requirements.

What is the adorsys XS2ASandbox? It’s a dynamic sandbox environment that fully meets the PSD2 requirements for providing APIs to Third-Party Providers (TPP). Based on the Berlin Group’s NextGenPSD2 specification for access to accounts (XS2A) interface, XS2ASandbox meets all the regulatory requirements.. XS2ASandbox is open Source out-of-the-box solution, that can be installed in one click and run with one command. As a full member of NISP (NextGenPSD2 Implementation Support Program – https://nisp.online) we provide a NISP compliant solution. This also proves that this solution Is also PSD2 compliant.

Our XS2ASandbox is available by this link: https://github.com/adorsys/XS2A-Sandbox

For whom is it useful? Banks to be PSD2 compliant and TTP to be able to test the interaction of their own products with Banks interfaces that correspond to the Berlin Group’s NextGenPSD2 implementation guideline. This means – 75% of Banks in EU.

What is inside?

XS2ASandbox is a dynamic sandbox environment: you can create users, payments and consents, play with data for testing purposes, simulating the transactions and access to accounts.

XS2ASandbox contains all modules a bank needs to be PSD2 and NISP compliant:

—      Developer portal with detailed manuals to get started and work with the Sandbox.

—      XS2A Interface,

—      Real clearing emulation (Ledgers)

—      TPP-UI for managing accounts and users

—      Online banking UI for testing,

—      Test Trust Certificate Provider

Developer portal

Developer portal is a complete guide on how to run and use XS2ASandbox.

It has information on how to get started, how to test services with typical testing flows, answers to frequently asked questions and main information about the product.

XS2A Interface

  • XS2A-Service is an implementation of NextGenPSD2 XS2A Specification of Berlin Group. All mandatory API endpoints defined in Berlin Group specification are implemented.
  • Consent Management System is the system intended to store and manage consents given by PSU to corresponding TPPs.
  • ASPSP-Profile is a module to store and read ASPSP-specific settings. Can be simply configured in XS2ASandbox.
  • XS2ASandbox always uses the latest version of XS2A Interface, CMS and ASPSP-profile (now 3.x). This means that you can use XS2A components for your real productive solution and have the Sandbox for this solution automatically.

Ledgers

·      You can execute a transaction, payment or consent, create user and accounts.

·      All payment types we have in xs2a are supported (single, periodic, future dated, bulk).

·      Payment execution is supported. Scheduler for payment execution can be configured and customized.

·      Payment cancellation is supported.

·      Special access for TPP to manage accounts and users.

TPP-UI

  • TPP registration.
  • TPP Certificate Service for testing.
  • User interface to manage accounts and users.
  • Test data can be uploaded in .yaml file.
  • Test data can be generated in TPP-UI:

·      Predefined .yaml file for tests is based on NISP documentation.

·      35 users and 51 accounts are created for TPP.

Online Banking

Online banking is a user interface, which helps users to provide a consent or a payment confirmation directly to a bank. Online banking is accessible via links from XS2A Interface responses.

How to use XS2ASandbox

Step 1. Read «Getting started» manual

Step 2. Download, install and run XS2ASandbox

Step 3. Read «Testing flows» and start testing!

With dynamic sandbox TPP UI you can access banking API directly, get TPP certificate and manage testing accounts. The developer portal contains testing instructions and all needed test-cases. All XS2ASandbox services can be installed and run in one simple command. Two main SCA approaches are supported: REDIRECT and EMBEDDED. For redirect approach online banking demo UI can be used.

DEMO environment

We provide a public XS2ASandbox environment, where everyone can play with the described above functionality:

Developer portal:

https://demo-dynamicsandbox-developerportalui.cloud.adorsys.de/

XS2A interface

https://demo-dynamicsandbox-xs2a.cloud.adorsys.de/

Ledgers

https://demo-dynamicsandbox-ledgers.cloud.adorsys.de/

TPP-UI:

https://demo-dynamicsandbox-tppui.cloud.adorsys.de/login

Scope of integration project for ASPSPs

Only few steps needed to integrate XS2ASandbox to ASPSP:

·      Install of test root certificate.

·      Provide SSL-connection termination at the Gateway that checks the certificate.

·      Adjust styling for all UIs (TPP UI, Developer portal and Online Banking).

·      Make adjustments for manuals in developer portal.

·      Make adjustments for ASPSP-profile and test examples.

Adorsys and Golden Dimension are ready to provide you such services to make your ASPSP solution PSD2 compliant.

Scope of integration project for TPPs

  • Install a gateway to banking interface. Here also our XS2A Gateway product (https://github.com/adorsys/xs2a-gateway) could help you.
  • Install Dynamic Sandbox in your environment
  • Start testing your own solution with the Sandbox.
  • Install a solution for GDPR compliant storage of personal information that you will get via XS2A Interface. Here our product DataSafe (https://github.com/adorsys/datasafe) could help you.

Need more information?

LLC Golden Dimension and adorsys GmbH & Co. KG have an impressive experience in PSD2 requirements . We  are proud that 53 Banks are already using XS2A interface. We can help others to be PSD2 complaint too. Just contact us 😉