In Open BankingProvides third-party financial service providers open access to consumer banking, transaction, and other financial data from banks and non-bank financial institutions through the use of application programming interfaces (APIs). Open banking will allow the networking of accounts and data across institutions for use by consumers, financial institutions, and third-party service providers., tokens replace identifying information about the user and the user's bank account information or the user and a payment request with what appears to be a random string of characters and numbers. Nobody knows what the token actually means or the information it contains except the bank. Tokens are made even more inscrutable using encrypted communication between the
Smart tokens are at the heart of Token's Open Banking solution. Each token comprises three major components: asset, rules, and state. The asset is what the token represents (i.e., what it is being exchanged for). The rules govern how it can be used, when it can be used, by whom and with whom. Its state reflects whether or not it is active/unused, canceled, or redeemed. What this all boils down to is that a token can be used only once and only by the party to whom it was originally issued and strictly for the purpose for which it was issued, providing inherent security in each request-reply exchange.
A typical transfer token use case comes to bear when a business (the payee) requests a member (the payer) to authorize a smart token to pay for an online purchase: “Allow Business XYZ to initiate a payment from my bank account to pay €224 for order 79262212.“
A typical access token use case is when a member (the grantor) authorizes a service (the grantee) to access and aggregate their bank account information.
A token is created upon successful user authenticationStrong customer authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) on payment service providers within the European Economic Area. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments. with the bank. It contains all the details specified in the request.
Tokens are redeemed to execute a payment
An unused token can be retrieved to check its status based on matching properties. Unredeemed tokens can be canceled at any time.