Middleware for Revised Payment Service Directive (PSD2) payments
Loading...
URL
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Authors
Date
2023-12-11
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3084
Degree programme
Master’s Programme in Computer, Communication and Information Sciences
Language
en
Pages
44+8
Series
Abstract
The PSD2 directive from the European Union mandates that banks expose their API to third-party providers (TPP), promoting competition and innovation. However, the diverse technologies utilized by banks to provide these APIs can add complexity to the new ecosystem. With numerous TPP actively involved, it represents the future of fintech. Nevertheless, the open nature of these APIs poses significant security challenges for all stakeholders. The goals of the thesis are to develop middleware that simplifies the complexity of PSD2 API and to explore and evaluate security issues that may arise in real production environments. The PIS middleware component, operating as a Software-as-a-service product, has been successfully developed. The development process involved gathering requirements from various perspectives, designing the architecture, and building the service. Additionally, a demo application has been created to demonstrate the functionality of the PIS. Following the operation of the PIS in a real production environment, several security issues were identifiedDescription
Supervisor
Aura, TuomasThesis advisor
Tyurin, FedorKeywords
PSD2, payment Initiation Service, middleware, security evaluation