2. 2
www.ewise.com
Patented Worldwide
Client-side Aggregation
SECURE NETWORK ACCESS
Our client-side aggregation technology is patented in the U.S.A., Europe, Asia and Australia.
ü Personal Data Vault (PDV) implemented on end-
user device
ü NO Disclosure of credentials or tokens to any third-
party
ü ALL Aggregation takes place from end-user device,
NOT the server
ü ALL data encrypted on end-user device using AES256
- encryption keys stored on ‘zero knowledge’ server
ü Data Sharing from Personal Data Vault using consent
based permissioning
3. 3
www.ewise.com
Users can choose to share their personal data with value added services.
DATA BROKER
Aggregate all of your customers’ financial accounts.
ACCOUNT AGGREGATION
Your user’s personal data store for financial services.
PERSONAL DATA VAULT
Provide the user with full control and privacy over their personal data.
PERMISSION MANAGEMENT
5. 5
www.ewise.com
XS2A will open up access by authorised Third Party Processors
(TPPs) to consumer data and banking infrastructure. New
service providers, defined under the Payment Service Directive
2 as Payment Initiation Service Providers (PISPs) and
Account Information Service Providers (AISPs), will be able
to offer innovative payment and account aggregation services to
end users throughout the European Union.
End-users will be provided with aggregated online information on
one or more payment accounts held with one or more
payment service providers and accessed via online interfaces of
the account servicing payment service provider.
Users are thus able to have an overall view of their financial
situation at any given moment.
What is PSD2 XS2A?
6. 6
www.ewise.com
Risks & limitations of
XS2A
SCOPE LIMITED TO
PAYMENT
ACCOUNTS
PSD2 XS2A scope includes
only payments accounts.
To build a comprehensive
picture, it is needed to
manage multiple channels:
Direct & In-Direct
UN-UNIFIED API
STRUCTURE
Each bank will develop its
own API according to its own
standard and structure.
The development efforts to
integrate with each banks
are big.
RISK OF LOSING
CUSTOMER
RELATIONSHIP
Competition to innovative
tools will increase as third
parties get easier access to
user’s financial data and win
customer main relationship.
DATA SECURITY
Even with PSD2 Direct
Channel (APIs), end-user
credentials (tokens etc.)
need to be secure.
8. 8
www.ewise.com
Aegis goes beyond XS2A
Solving the issue of a PSD2 XS2A limited scope narrowed to payment accounts
To build a comprehensive picture you need to manage multiple channels: Direct & In-Direct
The Aegis SDK allows to connect both to
direct channels like PSD2 APIs and to
indirect channels for non payments accounts
10. 10
www.ewise.com
Ensuring a complete picture
under PSD2 XS2A
In-Direct Channel
aggregates only out-of-
scope accounts to
complete the picture
Direct Channel (API)
aggregates in-scope
account data and
establishes exception list