Fibank has launched its PSD2 API portal where all registered and/or licensed fintech companies can connect and partner with the bank.
The Portal Fibank at psd2dev.fibank.bg provides an opportunity for third-party providers (TPPs) to enable their system to access account information data, payment initiation and confirmation of funds, according to the applicable legislation framework.
We need to point out that, as with us as well as with other banks, the provision of information as well as the performance of all other services under PSD2 will be done only upon the consent of the customer.
Using this portal TPPs can register, develop, test and run their own technical solutions and applications and developers have access to the necessary documentation and support, while maintaining high level of security for customers.
On 14 March, we launched a Developers’ Portal – a sandbox-type test environment, and ahead of the regulatory required deadline, on 14 June, we launched our production environment to allow TPPs to connect to our systems and provide services based on the PSD2 directive. Our goal is to create partnerships with fintech companies and provide our customers with the best possible and reliable approach to providing new services in a timely manner.
This is a relatively new area in banking services for our clients and there is still no established practice in Bulgaria.
We wanted to start earlier to identify emerging business opportunities, as well as customers’ interest.
The goal is to enrich our existing services and provide more interesting and useful services to our clients. In our classical role of a bank, we have enabled TPPs to connect their respective systems with ours so as to obtain the account information necessary for the execution of client orders and to initiate payments in compliance with regulatory requirements.
The developer portal we launched will not affect in any way our customers’ security, their bank accounts, or their bank secrecy. PSD2 imposes clear technical standards and we have fully adhered to them. Furthermore, it is clearly stated who and how may access the information required to run the new services. And this is done only upon clear customer’s consent. The legislation requires that a third party can access a client’s information only upon consent after the person is identified in a secure manner.
It is also important to note that PSD2 does not imply access to anything other than current accounts and the initiation of payments from them. Other bank products are not subject to this regulation and banks are not obliged to provide access to them.
This only happens via two-factor authentication: “Something I know, Something I have and Something I am”. In practice, this means that the information will only be available after entering at least two of the three factors, e.g. a password, a registered user device and the client’s biometric data.
The new directive opens up a number of opportunities for fintech companies to enrich their services with the help of our portal. The new regulations have stirred up the banking sector and exciting new developments are yet to come.