The origins of open banking: a brief history
Last editedMay 2023 3 min read
Open banking is changing the way we bank and use financial services in the modern world. The open banking market is growing steadily. A report by Allied Market Research announced a 24.4% growth and predicts the market value will reach over $43 billion by 2026.
Open banking is redefining the way customers interact with financial services, as well as opening up new possibilities in the sector. But, how did we get here, and when did all of this begin?
1980: Screen test conducted by German Federal Post Office
While open banking in practice has only been around for a short while, roots for the concept can be traced back to 1980 when Deutsche Bundespost (German Federal Post Office) conducted an experiment. The organisation ran a screen test with five external computers and invited approximately 2,000 private users to participate.
The experiment was introduced to test their new online banking service, marketed under the slogan “My bank in the living room”. As part of the online service, users could make online transfers using the code “300#”.
This experiment proved to be very impressive at the time and is considered the first appearance of a self-service banking machine. The innovation led to the development of the Home Banking Computer Interface (HBCI) in 1998 and Financial Transaction Services (FinTS) in 2002.
1998–2002: The emergence of HBCI and FinTs
The next step towards open banking was the development of the Home Banking Computer Interface (HBCI) in Germany, an open standard for customer self-service machines and electronic banking. It took 4 years to create and was officially launched after the introduction of HBCI 2.0 in 1998. Through this innovation, security protocols, message formats and transmission procedures were established.
In 2002, HBCI was replaced by FinTs (Financial Transaction Services). These allowed for the use of signature cards and offered a procedure for PIN/TAN, a banking security system where customers need to provide their personal identification number (PIN) to gain access to their accounts.
Additionally, a single-use transaction authentication number (TAN) for a second level of authorisation was required. Both of these numbers are in place to prevent fraudulent activities and to verify user identity.
2004: The creation of SOFORT
In 2004, HBCI and screen scraping were combined to create what is now known as SOFORT. Screen scraping refers to the process of collecting and sharing screen display data from an application.
For this to occur, the bank customer must grant the service provider permission to access their banking information and provide their login details. The service provider can then access the account as if they were the customer. In the case of SOFORT, the customer would log into their account to pay for a service digitally and the service provider would take over to perform all the following steps up until the transaction.
At the time, screen scraping was seen as innovative, however, APIs are the more secure and straightforward option.
2007: The first Payment Services Directive (PSD1)
In 2007, the European Commission devised the first Payments Services Directive — PSD1. Its objectives were to stimulate competition in the financial industry, enhance the quality of services provided and protect the end user. The creation of the directive has led to:
a new industry category – payment service providers
a regulatory framework that permits non-banks to execute financial transactions
the implementation of transparency regulations for banks and payment service providers regarding services and fees
SEPA, a payment-integration initiative in the EU for streamlined euro transfers
the growth of the FinTech sector, as financial institutions now had more capabilities and opportunities
2009: Giropay vs SOFORT
In 2009, German digital payment service Giropay filed a lawsuit against the operator of SOFORT, Payment Network AG, accusing them of creating unfair competition and endangering the security of online banking. The accusations were countered by the Federal Cartel Office and the European Cartel Office in 2011 for the sake of preventing discrimination against competitors that operated independently outside traditional banks.
This occurrence set the foundation for increased competition in the online banking sector and prevented monopolisation in the industry. This was a huge step for FinTech companies and an opening for alternative payment systems to fill.
2018: The second Payment Services Directive (PSD2) is implemented
In 2018, PSD1 was replaced by an updated version — PSD2. The new directive expanded on the foundations set by its predecessor and had a profound impact on banks and banking institutions. PSD2 required banks to expose open banking API access to authorised third parties. The focus of the directive is on setting up a more integrated and efficient European payments market while helping to level the playing field for payment service providers.
There are two types of official payment service providers under PSD2:
Account Information Service Providers (AISP) — companies authorised to access an individual or business account data sourced from their banks and payments systems with their consent
Payment Initiation Service Providers (PISP) — companies that are not only authorised to access data, but also to initiate payments on the behalf of their customers
PSD2 has already made it easier for new market entrants and third-party providers to gain access to this new market, improve their product offerings, and increase competition. Open banking paved the way for many innovative financial solutions, and the future should bring even more.