Standard ETSI TS 119 495 is now available!

ETSI have published the PSD2 eIDAS standard TS 119 495 which was finalised at their plenary in May and is available here.

ETSI – the European Telecom’s and Standards Instiution is a  European Standards Organization developing standards in Europe for global use, has been working to define the set of standards for implementing the requirements of the RTS for use of qualified certificates as defined in eIDAS regulation since September 2017.

Open Banking Europe has accompanied this process from the beginning and two of the OBE’s representatives, John Broxis (PRETA) and Chris Kong (Azadian) were instrumental in getting a PSD2 eIDAS standard in place thanks to the work done with OBE’s  participants.

Relevance of the certificates

In order to allow the access to account to a third party under PSD2, ASPSPs needs to identify third parties (TPPs) through their eIDAS certificates ,as specified in the “Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication”

There are two kind of certificates that can be issued: the Qualified Certificates for Seals (QSEALs) or Qualified Website Certificates (QWACs). ETSI Standards specify the items needed for electronic seals and website authentication and the TSP policy requirements for the management (including verification and revocation) of additional certificate attributes related to those certificates. [1]

Link to the PRETA directory

The roles of these third parties can be checked in the Home NCA of that entity. As specified by the ERPB report “As there will be 31 NCA’s, this raises the need for a machine readable, standardised repository of TPP details, as published by NCAs.” Open Banking Europe provides this machine readable, standardised Directory that is now being tested and will be fully operational in January 2019.

For more information about the Directory please check the dedicated website.

To download the ETSI TS 119 495 click here.

[1] Link