Third-Party Payment Services

Introduction

In accordance with the provisions of the Revised Payment Services Directive (PSD2), Eurobank Private Bank Luxembourg S.A. (hereafter referred to as “Eurobank) will grant access to Third Party Providers (hereafter referred to as TPPs) to client accounts if they have received the client consent. In that context, Eurobank has implemented LUXHUB’s API solution. To find the technical specifications of the API solution please use the following link : LUXHUB’s developer portal

 

Timeline
TPPs can access Eurobank’s testing environment (Sandbox) in order to test the interface with basic data. As of June 14 2019 TPPs will be able to access Eurobank’s dedicated production interface.

 

API standard used 
Eurobank has implemented the Berlin Group standard version 1.13220190215.
For further information, please use the following link : https://www.berlin-group.org/psd2-access-to-bank-accounts

 

Authentication procedure

The authentication procedure applied is the redirection approach, where the individual steps of the authentication are not executed at LUXHUB’s Access to Account interface, but directly between the PSU and Eurobank. The PSU is redirected to the Bank’s web interface for authentication and thereby temporarily leaves the TPP interface for authentication. Once the PSU has been redirected to the Bank’s authentication service, the authentication of the PSU is executed step by step directly between the Bank and the PSU. After completion of the authentication, the PSU is redirected back to the TPP interface without sharing any authentication elements with the TPP. LUXHUB verifies the integrity of this identification by validating Eurobank’s signature of the PSU.

 

Functionalities offered

Eurobank offers the following via its API:

  • Account Information Services (AIS), which allows AISPs to access information on customer’s accounts, such as a list of all available accounts, balances of given accounts and additional details as well as transaction reports;
  • Payment Initiation Services (PIS), which enables PISPs to initiate payment orders, to adjust those if necessary and to access information on the status of these payments.

 

Consent management

Eurobank has implemented the “Detailed Consent” model as per the Berlin Group standard version 1.13220190215.

Eurobank has updated its Consent management policy in order to comply with the Commission Delegated Regulation (EU) 2022/2360 amendment of the Regulatory Technical Standards (RTS)  laid down in Delegated Regulation (EU) 2018/389 on 90-day exemption for account access. From 25th July 2023 onward, the period of exemption of PSU’s SCA has increased from 90 to 180 days under AIS conditions on the TPP-dedicated interface. Prior accesses remain under the original RTS prescriptions.

 

Interface usage statistics

As per regulation, Eurobank publishes on a quarterly basis the daily usage statistics onto its Corporate Website for the scope of both interfaces:

  • the API Dedicated Interface (date, uptime rate, downtime rate, AISP response time, PISP response time, CBPII response time, error response rate);
  • the e-Banking Dedicated Interface (date, uptime rate, downtime rate, Consultation functions response time, Payment functions response time, error response rate).

Rates are given as percentages, Response times in milliseconds.

Link to the ZIP file: Interface_Usage_Statistics_20240919 (per quarter and per interface).

Note: statistics are computed in the light of EBA's methodology clarifications referenced as 2019_4661.

For any further information, visitors may contact the Bank through the Contact Form section of the website.

 

Additional information

  • In regards to the EBA opinion June 2020, the Eurobank Luxembourg Private Bank App2App flow and specificities are documented below:

 

Protocols used and communication

 

Legal references and background

PSD2

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32015L2366&from=EN

EBA Report on RTS

https://eba.europa.eu/documents/10180/1761863/Final+draft+RTS+on+SCA+and+CSC+under+PSD2+%28EBA-RTS-2017-02%29.pdf

Directive 2018/389 on RTS on SCA & CSC

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32018R0389&from=EN

 

Definitions

AIS / AISP

Account Information Service / Account Information Service Provider

API

Application Programming Interface

Berlin Group Standard

This Standard has been developed by Berlin Group NextGenPSD2 over a period of 21 months in collaboration with representatives of the market supply-side, i.e. banks, banking associations, payment associations, payment schemes and interbank processors operating in SEPA

CBPII

Payment Service Provider issuing card-based payment instruments

PIS / PISP

Payment Initiation Service / Payment Initiation Service Provider

PSP

Payment Service Provider

PSU

Payment Service User

 

SCA

Strong Customer Authenticating

TPP

Third Party Provider – namely, AISPs, PISPs and CBPIIs

 






























Become a client

Looking for advice or information? One of our consultants will be happy to help.