tppWise – eIDAS & TPP Validation

PSD2 Compliance

“Article 34 of PSD2 RTS -For the purpose of identification, payment service providers shall rely on qualified certificates for electronic seals or for website authentication”

“Article 5 of PSD2 Directive (EU) 2015/2366 requires all TPPs to be regulated & authorised by National Component Authorities (NCA)”

PSD2 mandate TPPs must register with home NCA and acquire authorisation for the desired regulated roles and obtain eIDAS certificates from Qualified Trust Service Provider (QTSP). ASPSP (bank) must check the TPP's eIDAS cert & NCA authorisation before granting them access for Account or Payment resources. This model put a lot of technical complexity on ASPSP on eIDAS validation with relevant QTSP & also there are 31 NCAs with no standard interface

tppWise - Solution

Our eIDAS validation is developed as an extension to European Digital Signature Services. The extension covers PSD2 specific standards. Our Primary server sync up with all European member states Trust List of Trust Service providers. It includes checking certificate validity, its expiry, QTSP validity and revocation list. Check our eIDAS Diagnostic Tool for validating PSD2 eIDAS certificates.

Our TPP validation service is build in conjunction with Banfico's TPP Directory Data Service, which connects to EBA and all NCA registers. The Directory is updated with latest information of the TPP every 2 hours.

tppWise solution also offer Replica Servers which can be deployed locally (co-located) on-premise for low latency. Replica Server sync up with our primary server on the cloud.

Explore our developer portal for eIDAS and TPP authorisation validation

Try our eIDAS Parser & Diagnostic Report Tool

How Directory integration works?

Banfico Directory provides a single & compliant source of standardised information about active Regulated Entities that can perform Access to Account (XS2A) services in Europe.

tppWise solution is powered by local cache of the directory data from the master Banfico Directory. This SaaS solution is highly available (99.95%)

ASPSP registers on our tppWise developer portal and create an app to validate eIDAS certificates and to consume Regulated Data APIs. tppWise server syncs up with all QTSP LOTL certificates and also regulated entity cache is synchronised with Banfico Directory.

ASPSP make a callout to our tppWise to validate eIDAS/TPP authorisations and enforce access controls.

Features

  • eIDAS/OBIE & TPP validation – a simple API to validate both eIDAS and TPP authorisation
  • eIDAS/OBIE Diagnostic API – help to validate and parse eIDAS certificate
  • Regulatory Data API – Check validation of TPP using an easy to use Data API
  • Real-Time Updates - Critical Regulatory Data changes are updated in our cache
  • Versioning & Audit Log - Easily compare, monitor, and track the historical Regulated Entity, ASPSP, and TPP Data changes
  • Availability – Highly scalable & resilient implementation on the cloud
  • Cost-effective

tppWise – eIDAS & TPP Validation Demo

See Banfico's tppWise – eIDAS & TPP Validation solution in action! Please fill the information below to schedule a demo.