What is an AISP and what's it for
"AISP" is one of those open-banking acronyms that shows up with no explanation. But understanding what it is matters: it's the difference between accessing bank data through a regulated, secure channel, or doing it by copying credentials and screens. Here's the plain-English version.
AISP: account information service provider
An AISP (Account Information Service Provider) is an entity authorized under the European payments directive PSD2 to access, with the holder's consent, their bank account information through the bank's official interface. It doesn't move money: it only reads information (holder, IBAN, balance, transactions) when the customer authorizes it.
AISP status is granted by the supervisor — in Spain, the Bank of Spain — after an authorization process. YOiD is registered as an AISP under no. 6929 in the Bank of Spain's register of entities.
Why it matters: the regulated channel vs. "screen scraping"
Before open banking, accessing a user's bank data usually meant asking for their credentials and "scraping" their online banking screen. That's fragile and insecure. With an AISP:
- The customer authenticates at their own bank; no one handles their credentials.
- Data arrives through the bank's official PSD2 interface, not by copying screens.
- Consent is explicit, limited and auditable: the user knows what they're sharing and with whom.
Do I need to be an AISP to use it?
No. The AISP license is held by the provider (for example, YOiD). Your business integrates the service and receives the verified data; the AISP maintains the regulated relationship with the bank. That way you can use reliable bank information — for onboarding, ownership verification or creditworthiness assessment — without applying for a license yourself.
Bank data verified at the source
YOiD Bank Data accesses, as an AISP (Bank of Spain no. 6929), the data the customer authorizes — holder, IBAN, balance and transactions — and delivers it to you verified at the source.
See Bank Data →Frequently asked questions
What does AISP stand for?
AISP stands for Account Information Service Provider. It's a regulated open-banking role that allows accessing bank account information with the user's consent.
What's the difference between an AISP and a PISP?
An AISP only reads account information (with consent). A PISP (Payment Initiation Service Provider) can initiate payments on the user's behalf. They're distinct PSD2 roles; YOiD operates as an AISP. As a result, an AISP never moves money.
What data can an AISP see?
Only what's within the scope the holder authorizes: typically holder, IBAN, balance and transactions for the selected accounts. Consent is limited and revocable.
Is it safe for my customer?
Yes: the customer authenticates at their own bank and no one handles their credentials. Access is logged and can be revoked. It's the channel European regulation itself designed for this purpose.
What's it used for in practice?
It replaces manual bank documentation with data obtained at the source, with the user's consent. It helps with digital onboarding, bank verification, financial analysis and document-fraud prevention.
Keep reading
IBAN-swap fraud: verifying ownership before you pay → KYC and digital onboarding: verification methods →Sources: European payment services directive PSD2 and Bank of Spain registers. Informational content, not legal advice.