Open doesn’t mean easy – The complexity behind PSD2 and Open Banking

Open Banking the simple part – Open Security the difficult one?

The PSD2 API and SCA specifications are slowly becoming more concrete and available (e.g. BerlinGroup). One is now able to develop first test cases against PSD2. It is becoming more and more obvious how complicated Open Banking can become, and probably will be in the future. And it isn’t the core banking functionality that makes a developer’s life complicated. It’s the security diversity behind this new PSD2 SCA API architecture. If we in Germany didn’t know better (with HBCI and FinTS), one could believe security has to be that complex. Compared to FinTS, the security model behind PSD2 seems to be becoming a complexity monster and a danger to the whole Open Banking approach.

Dead on Arrival?

In the end, not only the developer and the integration and innovation party (TPP) might be disgusted. The user might become overwhelmed by the Open Banking based software and security usability. Probably he will reject Open Banking solutions. The Open Banking market will die before ever having gone live. If you would like to feel and understand a little of the given complexity, go to openpsd.org and download the first embedded SCA example (based on the BerlinGroup API). The embedded one is still the simplest one. But we will also work on the other SCA scenarios. I’m still very optimistic about the whole OpenBanking approach, but compared with the 20 years of experience with usable APIs in Germany there’s still a long way to go. That’s why we are here at OpenPSD. If you would like to help, let us know.