Salt Edge Open Banking API now supports eIDAS PSD2 certificates
Salt Edge is the first Open Banking vendor to add the support of eIDAS PSD2 certificates in its system for TPP identification when they access ASPSPs’ channels. Now, the company’s clients that act as payment service providers (AISP, PISP, PIISP, ASPSP) and that use Salt Edge as a technical service provider (TSP) are able to generate certificate requests and upload signed eIDAS certificates into the client dashboard.
The PSD2 Regulatory Technical Standards (RTS) specify that TPPs should be able to use a certificate issued by any Qualified Trust Service Provider (QTSP) in order to identify and authenticate themselves when accessing ASPSP channels. Salt Edge is the first Open Banking TSP that has implemented a self-service generation of Certificate Signing Request (CSR) for test and live usage in its system. The platform supports the generation of both QWAC and QSEAL eIDAS certificates signature requests. This implementation meets the strict PSD2 requirements and helps with maintaining the highest level of security in the new Open Banking era.
In its opinion on the use of eIDAS certificates under the RTS, European Banking Authority (EBA) advises the TPPs that use TSPs (e.g. Salt Edge) to create and use a separate eIDAS certificate for each TSP. This should ensure business continuity and better risk management, because the legitimacy of one certificate would not be affected by the expiration/revocation of any other. As Salt Edge strives to offer highly secure and reliable service, the company will support the usage of dedicated eIDAS certificates.
The whole process of eIDAS certificate generation requires a few easy steps:
- 1. Generate a CSR in the Salt Edge client dashboard (separate CSRs are generated for each type of certificates, i.e. QWAC and QSEAL);
- 2. Send the generated CSR file to QTSP for issuing the eIDAS certificate;
- 3. Upload the signed eIDAS certificate in the client dashboard for the corresponding CSR.
Salt Edge has built this system after consulting with numerous QTSPs and made sure to set up the most optimal and seamless flow of eIDAS certificate usage for its clients. Licensed TPPs are encouraged to already start this simple and secure journey via Salt Edge platform and get one step closer to a successful PSD2 project implementation.
About Salt Edge
Salt Edge is a global fintech company offering a range of cutting-edge solutions to financial institutions, banks, finapps, and other fintech companies. The company is registered as Account Information Service Provider by the UK’s FCA, under PSD2. Among its most popular services are financial data aggregation API, open banking and PSD2 solutions, white label retail banking, and data enrichment. ISO 27001 certified, the company employs the highest international security measures to ensure stable and reliable interoperability channels between financial institutions and their users. Connected to 3100+ financial institutions in 61 countries, Salt Edge brings comprehensive financial data at the fingertips of hundreds of thousands of end-users on a daily basis.
More information: www.saltedge.com
Phone number: +1-437-886-3969
Salt Edge report
Discover what is the current state of open banking payments in Europe in 2021