Open Banking Support
What is Open Banking?
The second EU Payment Services Directive (PSD2) introduces a new access model that requires providers of payment accounts to create interfaces to allow authorized third-party providers to access user accounts with the user’s consent. This is referred to as access to accounts or Open Banking.
Open Banking allows third parties to request three types of access to users’ payment accounts:
- Access account information: Account Information Service Providers (AISPs) can view transaction history of a payment account.
- Confirming that funds are available: before a payment can be completed, Card-Based Payment Instrument Issuers (CBPIIs) or Payment Initiation Service Providers (PISPs) can check if the balance of an account has sufficient funds.
- Initiating new payments: Payment Initiation Service Providers (PISPs) can initiate a payment from a user’s payment account.
The aim of Open Banking is to encourage collaboration across the banking industry and provide consumers with more options to access information and functionality across their financial institution accounts.
How can third parties access Stripe accounts?
Since its inception, Stripe has provided a full suite of APIs for third parties to request access to any Stripe user account via OAuth. Stripe’s existing OAuth system allows for two types of access:
Access type | Stripe API functionality |
---|---|
read_only OAuth scope | Read most API resources |
read_write OAuth scope | Read and write most API resources |
Many third parties have built extensions using our existing OAuth flow. We recommend that most builders of third-party extensions continue to use our existing OAuth flow; you can find the documentation here.
However, in order to support Open Banking, we’re providing three new types of access:
Access type | Stripe API functionality |
---|---|
open_banking_account_information OAuth scope | Read Application Fees, Balances, Charges, Disputes, Payouts, Refunds, Top-ups, Transfers, and Balance Transactions |
open_banking_balance_confirmation OAuth scope | Read Balances |
Payment Initiation Request API | Create Payouts to an External Account on file, and create Transfers to a connected Stripe account |
We encourage you to compare our existing OAuth system with these new Open Banking APIs to see which solution makes sense for your use case. Note that only a very limited subset of Stripe user accounts are eligible to be accessed via the Open Banking APIs.
eIDAS certificates
To use Stripe’s Open Banking APIs, third parties need to obtain an eIDAS QWAC certificate that identifies them as an AISP, PISP, and/or CBPII in good standing. These certificates are issued by European signing authorities, known as trust service providers (TSPs).
Contact us if you believe you do need access to our Open Banking APIs.