Strong authentication for individuals on access to accounts online
After the PSD2 APIs in 2019, BNP Paribas starts strong authentication for individuals on access to accounts online
Strong Customer Authentication every 90 days
Starting June 8, 2020, a strong authentication will be required every 90 days for individuals, professionals and private banking customers of the brands BNP Paribas and Hellobank in France that will access their online banking.
It will also be the case for access to accounts through PSD2 APIs by the Payment Services Providers.
The deployment will be gradual during 4 weeks. At the end of this period, all customers will be subject to strong authentication.
PSD2 APIsIn the context of the 2nd European Payment Services Directive, PSD2 APIs from the following scope :
- Hellobank in France
- BNP Paribas Retail in France
- BNP Paribas Corporate Investment Banking in Europe
- BNP Paribas Corporate in France
are available in production since mid-2019 and ready to be used by agreed Payment Services Providers with an eIDAS certificate.
Until the exemption is granted, a fallback mechanism is available on Corporate and Retail scope (BNP Paribas and Hellobank) in France as well as CIB Europe, in order to allow Payment Services Providers to access PSD2 data without break in service. The corresponding documentation is available on API Store.
Access to these APIs is reserved for Payment Services Providers that received authorization from their national competent authority in an EU Member State.
The APIs can be accessed on the BNP Paribas API Store Portal at https://apistore.bnpparibas
The publicly accessible online portable sets out the content and documentation of the API and enables you to contact BNP Paribas to get access to the APIs or ask questions.
API Store shows all the PSD2 APIs for France (Retail and Corporate), Belgium, CIB Europe (Corporate), Over-Seas and Poland. APIs offered by other Group entities are already locally available and will in time be listed in the API Store as well.