Data Sharing Services in the Field of Payment (DSSP)
Data Sharing Services in the Field of Payment (DSSP)
Open Banking refers to the sharing of financial data with authorized third-party service providers (TPPs) in a secure environment, and Data Sharing Services in the Field of Payment include two essential services defined under the payment domain within the Open Banking framework.
What is Open Banking?
- Open Banking is the process of making data in the financial system accessible to authorized TPPs through standard Application Programming Interfaces (APIs) in compliance with established regulations.
What is Data Sharing Services in the Field of Payment (DSSP)?
Under DSSP, two essential services are defined for the payments area, which falls under the authority and responsibility of the Central Bank of the Republic of Turkey (CBRT):
- Payment Initiation Services: The service that allows initiating a payment order related to a payment account held at another payment service provider, upon the request of the payment service user (PSU) [Article 12, paragraph 1, subparagraph (f)].
- Account Information Services: The service that provides consolidated information on one or more payment accounts held by the PSU at payment service providers, presented on online platforms, with the user’s consent [Article 12, paragraph 1, subparagraph (g)].
What is the Purpose of DSSP?
- Within the DSSP framework, authorized TPPs can offer PSUs the ability to perform transactions faster, at lower costs, and with a better user experience through innovative financial services developed in a competitive environment. At the same time, financial institutions can make their existing core services more widely accessible and tailored to customer needs through authorized TPPs.
The two essential services defined for the payments domain under DSSP:
-
Account Information Services (AIS): A service that allows Account Information Service Providers (AISPs) access account information from online payment accounts held at Account Service Payment Service Providers (ASPSPs), in order to provide account information services to a PSU.
- Payment Initiation Services (PIS): A service that allows Payment Initiation Service Providers (PISP) initiating a payment order related to a payment account/card held at another ASPSPs, upon the request of the PSU.
The basic principles for DSSP under the Regulation Provisions are as follows:
ASPSPs are required to provide Data Sharing Services in the Field of Payment to AISPs and PISPs.
- In the payment initiation service, the parties involved are the PISPs and the ASPSPs.
- In the account information service, the parties involved are the AISPs and the ASPSPs.
- Strong Customer Authentication (SCA) must be performed for the PSU at the ASPSP in DSSP, and the PSU can use the services if the payment account is accessible online.
INNOVATION WITHIN THE SCOPE: POSTED / RECCURING PAYMENTS AND SHARING OF CARD INFORMATION
With the newly added features, the DSSP scope has been expanded; the system has become more flexible and sustainable.
New services included in the scope:
- Post‑Dated Payment
-
- It is now possible to schedule a payment‑order service for a future date.
- Recurring (Regular) Payment Instruction
- Instructions for payment order services that repeat at regular intervals can now be created.
- Card Information and Transactions
- The card information and transactions service has been included under the “account‑information consent” scope.
- A Payment Service User can view cards issued by other institutions/organizations for which the user has given consent; the user can also access detailed card data (limit, statement, account‑closing date, etc.) and the card’s transaction history.
- Consent Update
- Consents for sharing account information can now be updated without cancelling the existing consent.
- Consent Period Update for Corporate Customers
- For corporate customers, the consent period for sharing account information has been extended from 6 months to 12 months.
To access the API principles and rules, go to https://ohvps.github.io