Middleware for Revised Payment Service Directive (PSD2) payments

Loading...
Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis

Authors

Date

2023-12-11

Department

Major/Subject

Security and Cloud Computing

Mcode

SCI3084

Degree programme

Master’s Programme in Computer, Communication and Information Sciences

Language

en

Pages

44+8

Series

Abstract

The PSD2 directive from the European Union mandates that banks expose their API to third-party providers (TPP), promoting competition and innovation. However, the diverse technologies utilized by banks to provide these APIs can add complexity to the new ecosystem. With numerous TPP actively involved, it represents the future of fintech. Nevertheless, the open nature of these APIs poses significant security challenges for all stakeholders. The goals of the thesis are to develop middleware that simplifies the complexity of PSD2 API and to explore and evaluate security issues that may arise in real production environments. The PIS middleware component, operating as a Software-as-a-service product, has been successfully developed. The development process involved gathering requirements from various perspectives, designing the architecture, and building the service. Additionally, a demo application has been created to demonstrate the functionality of the PIS. Following the operation of the PIS in a real production environment, several security issues were identified

Description

Supervisor

Aura, Tuomas

Thesis advisor

Tyurin, Fedor

Keywords

PSD2, payment Initiation Service, middleware, security evaluation

Other note

Citation