The Game Dev’s Guide To Open Banking In The EU

No items found.
Expand your mobile game business to PC and web to reach new players.

Whether you’re a big game studio, a solo developer, or somewhere in-between, you’ll want to keep up with quickly evolving changes in the payments landscape to make sure that you’re in the best position to grow your game — and one of the biggest new changes is open banking.

In this article, we’ll provide you with an overview of open banking and the factors that are driving this revolutionary shift, share the past milestones and present state of open banking’s rollout in the EU, and explain what it all means for your game.

What is open banking?

Open banking is a new approach to banking that enables qualified third parties in the EU to securely access consumer account and transaction data across financial institutions. With this access, companies can create new tools and services that give consumers a broader view of their finances and inform them about emerging financial products that can help them to achieve their goals, enabling greater competition in the EU marketplace.

Merchants can also use open banking data to better understand their audience’s buying habits, which helps them to segment their audience more accurately, create more targeted marketing campaigns, and more effectively identify and prevent fraud.

Changing the payments landscape

For game developers, open banking makes it possible to

  • initiate payments directly from user bank accounts, cutting out payments “middlemen” and thereby reducing the amount of revenue lost to fees
  • speed up transactions, as direct bank connections enable them to be completed instantly
  • increase conversion rates by providing users with new, easy ways to make purchases

As established financial institutions aren’t necessarily motivated to create a more competitive marketplace, the EU is relying on PSD2 to get everyone to work together on open banking.

What is PSD2?

The Revised Payment Services Directive (PSD2) is an EU directive initiated by the European Commission (EC) to increase competition and security in the European payments industry. It’s key to the adoption of open banking because it requires banks to implement the application program interfaces (APIs) that enable Access to Accounts (XS2A), or access to consumer bank accounts and transaction data, which gets third parties what they need to create financial solutions that help consumers to benefit more fully from their own data.

Data Security and PSD2

Greater access to consumer financial data is sure to raise some questions about consumer permissions and the trustworthiness of third-party providers. PSD2 addresses both of these concerns in its Regulatory Technical Standards (RTS) document, within which it defines how XS2A and enhanced security and authentication requirements will be implemented.

Keeping data secure with SCA

A core element of PSD2 is Strong Customer Authentication (SCA), which requires two-factor authentication to access a payment account, transfer funds, or perform any other transaction.

With SCA, a consumer must provide two or more of the following authentication credentials:

  • knowledge (something only the user knows)
  • possession (something only the user possesses)
  • inherence (something the user is, for example, fingerprint, voice recognition)

There are some concerns about SCA, as it adds a level of complexity to open banking APIs and may have negative effects such as an increase in cart abandonment. But overall, its improved security and fraud reduction are advantageous for both consumers and gaming businesses.

Requirements for third-party access

Third-party providers (TPPs) can be developers or companies that access data through open banking APIs to create services and/or initiate payments — but they need to be authorized.

Types of TPPs include:

  • An Account Information Service Provider (AISP) can access bank account information like transaction history and credit card details.
  • A Payment Initiation Service Provider (PISP) can initiate payments with any of the banks connected via an open API protocol.
  • A Payment Instrument Issuing Service Provider (PIISP) checks the funds’ availability for a card-based transaction.

While it’s logical to assume that TPPs can only be fintech companies, they can also come from other industries including technology, insurance, and even gaming.

Is the EU ready for open banking?

Open banking amounts to a seismic shift in the way that consumers and banks approach finances, requiring a multi-phase process dating back to July 2013. It has been a long and complex journey to formalize the standards, systems, and sign-offs required for a smooth rollout. But just as the open banking system continues to be readied for countries throughout the EU to join, the readiness of countries themselves for participation in open banking varies from one to the next.

The graphic below ranks countries’ readiness by the number of providers (includes TPPs and banks) and the number of APIs, both as reported by the Open Banking Tracker in the second half of 2020.

It might be tempting to equate the number of fintech companies in a given country to that country’s readiness for open banking, but that’s not always the case. Also, some countries that have invested in banking innovation but aren’t leading the way in API implementation may be seeking to benefit from the experience of banks and fintech companies in other countries or awaiting more streamlined guidelines.

As more banks ready their APIs, more companies will take the initiative to become licensed TPPs, and their numbers are already growing. Today, more than 200 companies have registered as TPPs, including familiar names like Google, Skrill, Stripe, and Worldpay.

What open banking means for your game

Based on an analysis of Xsolla’s extensive video game transaction data, bank transfers account for a significant share of video game transactions in the EU. As popular digital wallets like PayPal rely on banks as the source of funds, users may be interested in bank transfers as an alternative payment method due to its similarity to PayPal but with fewer steps.

While the market share for bank transfers varies among EU member countries, they’re consistently popular across the region. In the Netherlands, bank transfers account for 75% of video game transactions, eclipsing all other payment method types combined. It’s also worth noting that a sizable share of video game payments rely on bank transfers in Poland and Germany, 44% and 25% respectively.

Becoming a third-party provider

Earlier we touched on the primary benefits of open banking for game developers — reduced risk of fraud, completing purchases instantly, saving on credit card and other “middleman” fees — but becoming an authorized third-party provider is not a simple task. You’ll need to:

  • Acquire a license to access open banking APIs, which can take up to nine months, during which you’ll have to demonstrate your ability to adhere to strict security requirements
  • Prove that you have a minimum of €50,000 in capital
  • Meet EU business license requirements such as holding professional indemnity insurance (PII) and complying with regulations like the General Data Protection Regulation (GDPR), the Electronic Identification, Authentication, and trust Services (eIDAS), and the Anti-Money Laundering Directive (AMLD)
  • Integrate with open banking APIs for thousands of banks, which can take a lot of time and effort as they’re not standard and the quality of documentation varies
  • Bear responsibility for legal risk, as touching highly sensitive consumer data with no “middleman” means that any reconciliation or integration issues are yours to deal with

These challenges are part of why you’ll see developers from the fintech space move into open banking, as they’re already aware of some or all of these issues. As a game developer, your learning curve would be much steeper — and you may be better served by a different approach.

The easier way to benefit from open banking

It’s clear that the amount of work, cost, and risk associated with enabling direct bank payments present an obstacle for most game developers. Many would be better served by either working directly with payment aggregators or finding a partner who can do it for you.

As one such potential partner, Xsolla can enable open banking payments through a number of bank aggregators, including Sofort and Giropay, German companies behind the pool of video game bank transactions discussed earlier in this article; Trustly, which covers 95% of consumer bank accounts in Sweden; iDeal, with 15.4 million users in the Netherlands; Blik, with 12 million users; and Przelewy24, with 113,000 users in Poland.

If you find the right payments partner, you’ll also benefit from other advantages such as keeping up with and implementing new payment methods, off-loading time-consuming administrative tasks like taxes, and ensuring compliance with regulations like GDPR, AMLD, and others.

Next steps

Open banking is a big part of a massive transformation, one that will bring about new tools, services, and business models, empower consumers, and present challenges to those who don’t know how to adapt. It’s an ongoing learning process too, as more financial institutions will advance toward compliance and emerge as authorized TPPs.

As your trusted partner, Xsolla can handle all of the requirements that we’ve covered, plus track and share essential information so you can stay on top of open banking trends and regulations without sacrificing the quality and growth of your game business.

If you’re not an Xsolla partner, contact us at to learn about how we can help you begin enjoying the benefits of open banking payments in the EU.

If you’re currently an Xsolla partner, email your account manager and set up a time to discuss how we can help you take full advantage of this rapidly growing payments trend.

No items found.