SOLVING THE eIDAS PROBLEM
The Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) specify that eIDAS digital certificates must be used for all purposes of identification to an Account Servicing Payment Service Provider (ASPSP) such as a Bank. As such, Banks need to ensure they are ready to accept eIDAS certificates that are being presented by TPPs to achieve regulatory compliance before the extension deadline in 2020.
For those commiting to the regulatory demands, and for those that have stalled or have difficulties finding a cost effective solution there are common questions and challenges that arise. These questions require a solution to enable technology meet demands and increase revenue streams. Questions such as:
- Do you have problems meeting the eIDAS regulatory demands?
- Do you have problems with the testing facility?
- Have you delayed filing for an FCA exemption?
- Are you looking for a way to hedge your investment?
- Do you look like you are going to miss the PSD2 deadline?
- Are you struggling to implement a compliant API based interface?
- Is your legacy technology stack preventing or limiting progress towards your goals?
- Are your contigent measures in danger of revocation?
- Are you struggling to implement a fallback mechanism?
If these problems are causing concern, then Raidiam Connect Gateway maybe just the solution you are looking for to accelerate your compliance journey and provide hassle free integrations that allow you to maximise the monetisation potential of your API estate.
WHAT DOES IT DO?
Raidiam Connect Gateway is in simple terms a secure HTTP server that is optimised for regulated PSD2 access to accounts by Third Party Providers (TPPs). When a TPP connects to an ASPSP, Raidiam Connect Gateway challenges the TPP to present an ETSI-conformant PSD2 eIDAS QWAC (Qualified Website Authentication Certificate) X.509 v3 digital certificate. The Connect Gateway will validate the certificate to ensure it is well-formed, non-expired, issued by a valid QTSP and not revoked by performing real-time Online Certificate Status Protocol (OCSP) checks. Once all checks have been performed, it will complete the handshake and establish a secure mutually-authenticated TLS connection with the TPP. Thereafter, API requests and responses and/or online banking-based customer account data can be securely communicated between the two parties.
As an enabler, Raidiam Connect Gateway provides CISO, CIO and other strategists the option to realise further benefits alonside achieving regulatory compliance.
The 'Light Touch' integration with various technology stacks provides flexibility to be compatible with whatever technology choices and implementation you have.
The gateway is designed to be easily transferrable across any technology and to provide frictionless integration points to ensure an environment can be stood up or taken down in an instant to validate the conformance to the eIDAS regulatory challenge:
FEATURES AND BENEFITS
In short, Raidiam Connect Gateway is an accelerator that enables orgaisations to maximise the return on their compliance investment. As an agnostic solution, Raidiam Connect Gateway is fully flexible to integrate seemlessly into your infrastructure; irrespective of your technology choices.
More specifically, and related to regulatory compliance Raidiam Connect gateway provides the following benefits:
- Achieve compliance with PSD2 RTS
- Secure your PSD2 APIs with PSD2 eIDAS certificates
- High performance eIDAS Gateway
- Secure & Standards-compliant
- Lightweight and scalable
- Easily configurable and customized
- eIDAS-conformant PKI certificate issuing bundle and test suite available separately
- Co-exists with your existing technology stack
As a solution that is applicable across multi-channels, Raidiam Connect Gateway can assist with Digital initiatives, focussing on the customer journey and experience as well as becoming the 'glue' between legacy and new technology implemented to achieve compliance.
READY TO FIND OUT MORE?
For the chance to find out how Raidiam’s accelerators can assist your PSD2 journey, why not visit the public documentation at http://docs.gateway.connect.aws.raidiam.com/ or simply get in touch info@raidiam.com to arrange a meeting with one of our consultants.