PSD2 & Open Banking Services

On 14 September 2019, the Second Payment Services Directive (PSD2) comes into full force. This is European Legislation which applies to all payment services in the EU. It has been introduced to make electronic payments more secure as well as introducing new Open Banking services also known as ‘access to accounts’.

Open Banking services has been introduced to offer you greater control over your data, giving you the option to securely share your online payment account information and make payments directly from your online payment account by using Third Party Providers, known as TPPs. These could include banks, online retailers and financial technology (Fintech) providers.

However Open Banking services won’t be for everyone, and we won’t share your data unless you tell us to. You are always in control, so if you try it and decide it’s not for you, you can stop sharing data at any time.

To avail of Open Banking services, you must download the KeyCode app. Bank of Ireland KeyCode is a secure mobile authentication app used to generate a one-time security password to allow you to access services available through Open Banking via Bank of Ireland’s Account Access site.

More information can be found in the ‘KeyCode Help’ tabs on this page.

Open Banking Services General Queries

  • What type of services will Open Banking enable?

    The introduction of Open Banking enables a wide range of services which will be offered by Third Party Providers (TPPs). The following types of Third Party Providers are regulated under PSD2:

    Account Information Service Provider (AISP) Gathers information from one or more of your online payment accounts into one place.
    Payment Initiation Service Provider (PISP) Allows payments to be made on your behalf directly from your online payment account.
    Card Based Payment Instrument Issuer (CBPII) Requests information regarding the availability of funds in your online payment account.
  • How safe are the services available through Open Banking?

    Open Banking services are underpinned by financial legislation, The Payment Services Regulations 2017, designed to provide you with safety and security. When you give a TPP access to your account, Bank of Ireland will check that they are a regulated entity that have to comply with strict security mechanisms and data protection laws, just like your bank.

    If you choose to use the services available through Open Banking, you will need to provide your consent for the TPP to access your data or make payments from your online payment account. To do this, the TPP will direct you to a Bank of Ireland secure website (called the Account Access site) where you verify yourself and provide your authority to the bank.

    Remember that TPPs can’t access your information without your consent, and you can always choose to stop sharing data at any time.

  • What is an online payment account?

    An 'online payment account' is an account that is accessed through Digital Banking i.e. 365 online or Business On Line and be either a current account, demand deposit account or a credit card account.

  • Do I have to use Open Banking services?

    You are always in control and can choose whether you’d like to use Open Banking services or not. You will need to provide your consent to the TPP to access your data or make payments from your online payment account.

    Remember that TPPs can’t access your information without your agreement, and you can always choose to stop sharing data at any time.

Getting set up for Open Banking services

  • What do I need to get started?

    A) Check you have everything you need to get started

    • In order to use Open Banking services you must:

    • Be a 365 online or Business On Line customer with an online payment account
    • Have your mobile phone number registered to receive security codes from 365 online. (This step does not apply if you are an existing Business On Line user and accessing using your Business On Line credentials)
    • Have a smart device – in order to download the KeyCode app which is required when logging into the Account Access site.

    B) Link your Bank of Ireland KeyCode App to your 365 online profile

    Please note: if you are a Business On Line user you are already registered to use KeyCode.

    Bank of Ireland KeyCode is a secure mobile authentication app which generates one-time passwords (to be entered into the password field on the BOI Account Access page) to allow you to use services available through Open Banking. This adds a layer of security to ensure we can confirm it’s you and protect against any fraudulent activity.

    Note: The KeyCode app is only used for services available through Open Banking and Business On Line. You will continue to use your existing security details to login to 365 online.

    Open-Banking-Get-Started

    *We recommend that you use a laptop or desktop to register for KeyCode as you will need your smart device to download the KeyCode App.

    C) Open Banking Services for Business On Line users.

    • Please contact your Business On Line administrator who will need to provide you with the necessary functionality to use Open Banking services.

Using Open Banking Services

  • How do I use Open Banking services?

    The final step is to go to the website of the registered Third Party Provider and select the services you wish to use.

    Open-Banking-Get-Started ROI

    Note: The TPP should clearly explain what information it is going to use, how it will be used and how long it will be kept for.

  • What is the Account Access site?

    The Bank of Ireland Account Access site is only available to Bank of Ireland online payment account customers with a 365 online or Business On Line profile and only accessible from Third Party Providers (TPPs) offering Open Banking services. On the Account Access site you can allow Third Party Providers (TPPs) access to your account information and make payments directly from your account to a Third Party Providers (TPPs).

  • What do I use to login to the Account Access site?

    To login to the Bank of Ireland Account Access site, you need your 365 online or Business On Line User ID and the one-time security password generated by your KeyCode App. To generate a one-time security password:

    • Open your KeyCode App and enter the PIN you created during the KeyCode registration process on 365 online or Business on Line
    • Click Password on the menu screen
    • A one-time security password will appear
  • What is consent and why does a TPP need it?

    In order to use a TPP's services you must authorise them to access your data or make payments from your online payment account. This is known as giving consent. To do this, the TPP will direct you to a Bank of Ireland secure website (called the Account Access site) where you verify yourself and provide your authority to the bank.

  • How long does consent last for?

    When you give consent to an AISP to access your bank account details, you will agree with the AISP how long your data will be shared for. Bank of Ireland will only share the data for the duration you have agreed with the AISP. For security, we will ask you to authenticate yourself at least every 90 days to check that you still want to share your data.

    When a PISP initiates a payment from your account you will be asked each time to authorise the request.

    When you allow a CBPII to access available funds information on your account they can continue to do so until you tell the CBPII to remove the access to your account.

  • How do I make a payment using my online payment account?

    You can choose to pay directly from your Bank of Ireland online payment account without the need for a debit or credit card. Any TPP offering this service will confirm the payment amount and ask if you want to pay directly from your bank account. If you have more than one online payment account with us, you'll need to confirm which account you'd like the money to be taken from. Once you've given your consent, the payment will be made from your chosen account.

Third Party Providers (TPPs) and Other Queries

 

Bank of Ireland Group plc is a public limited company incorporated in Ireland, with its registered office at 40 Mespil Road, Dublin 4 and registered number 593672. Bank of Ireland Group plc, whose shares are listed on the main markets of the Irish Stock Exchange plc and the London Stock Exchange plc, is the holding company of Bank of Ireland.
Bank of Ireland is regulated by the Central Bank of Ireland. In the UK, Bank of Ireland is authorised by the Central Bank of Ireland and the Prudential Regulation Authority and subject to limited regulation by the Financial Conduct Authority and Prudential Regulation Authority. Details about the extent of our authorisation and regulation by the Prudential Regulation Authority, and regulation by the Financial Conduct Authority are available from us on request. By proceeding any further you will be deemed to have read our Terms and Conditions and Privacy Statement.