Introduction to Open Banking
Open Banking (OB) is a financial directive in the EU and the UK starting September 2019. Under OB, users can grant or withhold permission to share their account data with authorised third-party providers (TPP) such as Yodlee. It enables customers to use TPPs to help manage their finances. The data is shared via Application Programming Interfaces (APIs). With the advent of Open Banking, any financial institution that has implemented the standard categorizes financial accounts into OB-supported and non-OB-supported account types.
Getting Started with EU Open Banking
Envestnet | Yodlee provides the Yodlee AISP service engagement model, allowing users to connect and share their account information with your application. If you do not have your PSD2 AISP license, you can apply to use Envestnet | Yodlee's extended AISP license service. You will be requested to submit your application, and an Envestnet | Yodlee representative will contact you and guide you through the eligibility process.
Account Aggregation through FastLink
FastLink for aggregating financial institutions supports payments and non-payment account types through Open Banking. The user can choose from different supported account types when selecting a provider. Currently, only payment-enabled accounts can be aggregated with Open Banking, whereas all the other account types are aggregated using the user's banking credentials. If a user attempts to link an OB-supported account type, the user must provide consent to share account information with FastLink.
Consent to Share Account Data
If a user attempts to link a provider that requires their consent to share account information with Yodlee, they will be asked to provide consent before continuing with the provider linking flow.
Consent to share must be re-granted for each application that supports FastLink at the financial institution provider. For example, a user grants consent to share data with FastLink from a link on the financial institution's home page.
Step 1: Selecting a Provider
Users can search for providers in the search field that appears by default at the top of the screen or select other providers by tapping an icon on the page corresponding to the provider they want to add. When a user selects a provider that requires the user to grant permission to share data (Open Banking), the application provides a path for the user to aggregate Open Banking-supported accounts in addition to other types of accounts that can be aggregated by providing online banking credentials.
Step 2: Choose the Type of Account
Users must select the type of accounts they wish to connect on this screen, whether Open Banking or online credentials.
Step 3: Provide Consent
In the Consent screen, the user must provide his consent to share his account details and for a specific period with the client's application. If the user had already added the selected provider in the past, the Consent screen displays a message at the top of the screen indicating that the user had already aggregated this provider/account, and the process is repeated.
Step 4: View Accounts
The following account attributes are displayed for each aggregated account in the view accounts screen under the appropriate financial institution and container heading:
- Account Name – Name of the account (for example, ABC Checking)
- Account Number – The account number (masked except for the last four digits)
- Account Type – Account type at the account provider (current, credit card, savings, etc.).
- Account Balance – Balance of funds in the account
The Save & Finish button closes FastLink, whereas the Connect More Accounts button redirects the user back to select a provider screen in FastLink so that they can add another provider if they choose to.
The Manage Consent screen in FastLink facilitates a consolidated view of all user consents for aggregated accounts. The user can renew or delete their existing consent to share account data (for the providers that require the user's consent). When launching Fastlink, the Manage Consent screen can be invoked by passing the
manageConsent value in the
flow extra parameter attribute.
Renew Consent to Share Data
After successfully linking a consent-required provider, the user will be asked to renew their consent periodically. By default, the frequency required to renew consent is 180 days for EU Open Banking.
The user might choose to renew consent if:
- The selection of accounts has changed at the financial institution.
- The consent is about to expire at the provider and needs to be renewed.
FastLink lets users re-authenticate and renew their authorization to share their account information with Yodlee. The user can invoke the consent renewal flow by invoking the Manage Consent screen and selecting the required consent from the listed consents. The consent status applicable at that moment is displayed against each listed consent.
Delete Consent to Share Data
The user can delete consent by tapping the Delete Account, available only on the consent detail screen that can be invoked from the Manage Consent screen. The delete option is available when the consent is active and if the consent has expired or is about to expire. The provider for which consent is deleted will no longer appear in the Manage Consent screen. The financial institution or provider is notified that the user has deleted the consent to share account information.