The client needed to implement the payment processing with the use of AIS - Account Information Services. Why? Manual account authentication is problematic because there’s always a need to ask customers for additional KYC documentation, which takes a lot of time and may cause costly mistakes. KYC stands for Know Your Customer - it’s a set of documents that allows for establishing the identity of a person. Usually, Photo Proof or Address Proof is obligatory to open a bank account. With the tool we were working on, customers’ full names and account numbers can be confirmed by secure access to their accounts. Now it’s time for a faster, more affordable, and time-saving solution!

What is AIS?

The Account Information Service provides the ability to extract individual or company transactions. It also gives you access to the customer's online payment account information.

How does it work?

1. First, the customer has to choose our client’s payment processor while checking out and selecting the bank.
2. Then, gives the tool permission to securely access account data.
3. Next, the customer should authorize access via his bank’s app or online banking.
4. As a result, companies access encrypted data through webhook notifications.

Biggest challenges:

• Providing asynchronous processing of requests as part of the integration into the open bank infrastructure through the use of queues (AWS SQS) and the QRS pattern. It enables integration with the external API to be parallel, reducing user waiting times for the data to be obtained and the ability to re-integrate when an error is encountered.
• Anonymising and securing data. Implementing functionality that encrypts data collected from users during and for the process. Before providing the client with the user-sensitive data, it was permanently anonymized. Then, we implemented functionality that anonymizes application logs.
• Integrating and error handling in a microservice architecture. Using Sentra and AWS CloudWatch to track the ongoing monitoring of applications. Implementing a common identifier between the microservices allowing for tracking data exchange and flow.

What is the PSD 2 Directive?

PSD 2 is a second iteration of the European Union directive introduced in 2007. PSD is short for Payment Service Directive which aims to regulate payment services and payment service providers. PSD 2 deals with better competition and participation in the payments industry. It also introduces security requirements for the initiation and processing of electronic payments and the protection of consumers' financial data. Does PSD 2 affect banks? Yes, because it allows non-banks, corporates, or FinTech businesses to directly access consumers' bank accounts to gain access to customer data and make payments.