What are external service providers?
External service providers alongside traditional banks can provide you with new services for, say, managing your accounts and making payments. The new Payment Services Act makes this possible by requiring banks to open their account and payment interfaces to external service providers.
External service providers can use OP’s account and payment interfaces if they have a licence issued by the Financial Supervisory Authority. The Financial Supervisory Authority controls actors that comply with the new Payment Services Act. It is not possible for just anyone to provide account information and payment services.
With your authorisation, you can view your account details and make payments also on other than your bank’s services.
Authorising external service providers and strong authentication
You decide whether or not to use these new services. Only service providers licensed by the Financial Supervisory Authority can, with your authorisation, access your account information or initialise payments. This will always require that you authorise them through strong authentication to do so. Your details will not be automatically disclosed to external actors. They will only be disclosed if you enter into an agreement with the service provider on the use of the service.
The new Payment Services Act (PSD2) requires strong electronic authentication when you use account information and payment services – also on the bank’s own services.
You will log into an external service provider’s service with your credentials for that service. The service provider’s service will redirect you to OP’s services. Once there, log in with your OP user ID to make the authorisation for displaying account information and making payments. You are still not allowed to reveal your OP user ID or hand it over to anyone.