AISP vs PISP: Everything You Need to Know!


Post Image

Today, two types of entities can offer you payment services: traditional financial institutions and newer actors with specific licensing, emerging in the wake of the second Payment Services Directive (PSD2).

Indeed, this directive complements initiatives taken in recent years to foster the creation and harmonization of the European payments market, enhance security achievements, and protect consumers.

Thanks to PSD2 and Open Banking, which allows for increased openness of payment data, you now have access to a broader range of payment service providers to assist in managing the financial flows related to your subscriptions.

It is in this context that two new terms have emerged: AISP and PISP.

If these terms are unfamiliar to you or if you wish to learn more about the subject and finally understand their impact on you as a merchant, then you’re in the right place! 🙂

In this article, we will explore what AISPs and PISPs are and what benefits you can derive from these fruits of Open Banking as a merchant.

We will also discuss why you should opt for these new actors, as yes, these are companies that provide dedicated services that can be very useful to you.

Before we begin, let’s start with a brief reminder of payment service providers so you can understand the different categories related to them.

TPPs: The New Actors in the Payment Value Chain

As mentioned in the introduction, PSD2 and Open Banking have democratized the arrival of new actors in the payment world, known as Payment Service Providers (PSP) or Third Party Providers (TPP).

Their role?

To provide you with dedicated solutions for managing your payment flows and associated data, securely, as they must adhere to strict regulatory rules.

Moreover, TPPs, to offer their services, must hold a license issued by the Autorité de Contrôle Prudentiel et de Résolution (ACPR), the authoritative body in France on the subject.

You might wonder what type of services we refer to when mentioning TPPs?

What services?

Thanks to Open Banking, new regulated services have emerged, allowing TPPs to be distinguished based on the categories of services they offer:

  • institutions offering account information services
    → Account Information Service Provider, or AISP;
  • institutions offering payment initiation services
    → Payment Initiation Service Provider, or PISP.

Yes, behind these acronyms lie services (or service providers) that can be very useful for managing your payments.

How does it work?

Since the introduction of Open Banking, financial institutions (like traditional banks, for example) must allow trusted third parties to access their data securely, with the client’s consent and after strong authentication.

This data is exchanged via secure Application Programming Interfaces (APIs).

Now, let’s dive into a detailed overview of these two terms.

AISP, what is it?

As mentioned earlier, AISPs are companies that offer dedicated services through APIs that provide information on bank accounts.

AISP stands for “Account Information Service Provider”.

For you, the use of APIs is transparent since they are computer tools used between your clients’ banks and the payment service provider.

Their goals?

AISPs have two main purposes:

  • to provide users with a consolidated view and information on payment accounts held at different banking institutions;
  • to facilitate the daily management and oversight of accounts.

In terms of services, one of the most well-known functionalities today resulting from AISPs is bank account aggregation, but that’s not all.

AISPs also offer services related to the retrieval of account information, such as:

– the type of account,

– the account balance,

– the account holder…

In summary, these providers will have the responsibility to collect information related to your clients’ accounts (with their consent and authentication), aggregate it, and sometimes even provide you with summaries related to these accounts.

You now have a good understanding of what an AISP is. Let’s move on to the second category of service providers: PISPs.

PISP, what is it?

PISPs are payment service providers specialized in initiating payments on behalf of others, again, via APIs.

PISPs stand for “Payment Initiation Service Providers”.

Simply put, instead of the payment request being made by you, the merchant, through your bank, the PISP will have the authorization to initiate a payment on your behalf on your clients’ bank accounts, securely.

Their goal?

To initiate a payment in place of the financial institution, with, of course, all the prerequisites in terms of security, and again, the final client’s consent.

This payment initiation service can allow you to simplify and optimize the payment process for your subscriptions.

→ By using a payment provider that offers this functionality, you can delegate the initiation of your payment requests to trusted third parties.

What are the benefits?

By using a PISP, you can:

  • simplify your payment processes: by using a provider that offers payment initiation services, you will have the possibility to receive your payments through a secure system that will be integrated directly into your payment process;
  • secure transactions related to your recurring subscriptions: to become a PISP, certain conditions must be met, which you will learn more about in the rest of the article.

AISP + PISP: the winning combo?

You might wonder what the conditions are to be recognized as an AISP or PISP?

Let’s look into that in the rest of the article, as it should reassure many of you regarding data security.

What conditions to be an AISP or PISP?

As already mentioned, the sine qua non condition is to possess a license from the ACPR.

Then, the following conditions must be met to comply with the regulatory framework:

collect explicit consent from the client,

– ensure that collected personalized security data are not accessible to third parties,

not store or use user data not necessary for providing account information services,

access only the account information designated by the user,

– have professional liability insurance covering the territories where the AISP/PISP offers its services, or another comparable guarantee covering unauthorized or fraudulent access and use of payment account data,

identify and communicate securely according to technical interbank standards (encryption, ISO 20022…) that will be defined by the European Banking Authority (EBA).

As you can see, there are many stakes around security to provide you with services that meet the latest regulatory standards.

We’ve looked at the objectives of AISPs and then those of PISPs, and the advantages they offer, but it’s important to note that the two are not incompatible (quite the contrary!).

Some payment service providers offer both account information services and can initiate payments on behalf of a third party, and good news, SlimPay is one of them! 🙂

Imagine being able to have a solution that integrates both the retrieval of information on your clients’ accounts (for example, the IBAN, without them having to enter it) with an account information service and subsequently, initiate your requests for recurring payments!

No, you’re not dreaming, this is indeed possible, so why not favor a provider like SlimPay that offers you these two services in one to take advantage of Open Banking?

In this complex and innovative ecosystem of payments, adopting the combined services of information and account initiation becomes a real opportunity for you to delegate the management of your payment flows to a trusted actor.

And in today’s world where digital payments prevail, you must remain competitive compared to other market players by offering your clients cutting-edge payment solutions from Open Banking that comply with current regulations.