Open banking payments and account data services just got better with extended consent duration in the Nordics. Banks throughout Denmark, Finland, Norway and Sweden are rolling out a longer period for which Secure Customer Authorization will be considered valid in compliance with a new European Banking Authority (EBA) rule that went into effect on 25 July 2023.

The new rule mandates that when an end user gives consent to access their bank account for the purpose of making a payment or sharing account information with a service provider, the authorization will be valid for a maximum of 180 days, instead of just 90. Why? So, customers can use the same service repeatedly without having to reauthorize as frequently as before. Less friction equals a better user experience.

Here are the benefits for the business and users using open banking services, as well as for the companies providing those services.

The benefit for end users

Faster payments and fewer interruptions.

When you as a user pay by bank online, you are required to use a process called Secure Customer Authentication (SCA). That’s where you use BankID, MitID or your bank’s own authorization app to authenticate your identity and connect to your bank to make a payment or provide some account information for a service you are applying for, such as loan or opening an account for a utility, subscription, gaming or investing.

Until recently, this process typically required two SCAs, sometimes even three, to complete a transaction. Depending on how well the authorization app works, this could take 60 seconds or more to complete the transaction.

By extending the length of time your consent remains valid, you can pay or share information without having to reconnect to your bank every time. You will still have to do an SCA to approve the transaction, but it will take only 10-15 seconds, saving you time. You also have the right to revoke your consent at any time.

The benefit for service providers

Fewer errors and fewer drop offs.

Multiple SCAs add additional steps to a transaction and potential points of failure when transitioning between the payment and authorization applications. The experience of this for the user can be both annoying and time-consuming and even result in them abandoning the transaction.

Fewer transitions mean less friction, better user experience and increased user retention. Already open banking payments are delivering conversion rates well above the average card payments and at a much lower cost. This improvement will continue that trajectory and provide even better results for businesses.

The benefit for account information and payment initiation service providers

Increased usability and adoption.

The consent duration is checked during every authorization, now the AIS (Account Information Service) tokens will have a default maximum duration of 180 days. This change increases usability and applies to all customer segments to support the adoption of open banking services.

While the final deadline for the rollout is set for 1 November 2023, nearly all the Nordic banks, apart from Bankdata DK and Bank Norwegian, have now implemented extended consent, with many switching to single SCA flows as well. This combined with the recent rollout of biometrics in BankID and in many banking apps, makes it even faster and easier to pay and access financial services.

Summary

• 180-day AIS consent is now in place in the Nordics
• With many Nordic banks switching to single SCA flows as well
• Resulting in faster payments and fewer reauthorizations when using open banking services
• And benefits for both businesses, end users, and service providers  

‍