Resources › Open banking
Open banking

What is an AISP and what's it for

Explainer · 3 min read

"AISP" is one of those open-banking acronyms that shows up with no explanation. But understanding what it is matters: it's the difference between accessing bank data through a regulated, secure channel, or doing it by copying credentials and screens. Here's the plain-English version.

AISP: account information service provider

An AISP (Account Information Service Provider) is an entity authorized under the European payments directive PSD2 to access, with the holder's consent, their bank account information through the bank's official interface. It doesn't move money: it only reads information (holder, IBAN, balance, transactions) when the customer authorizes it.

AISP status is granted by the supervisor — in Spain, the Bank of Spain — after an authorization process. YOiD is registered as an AISP under no. 6929 in the Bank of Spain's register of entities.

Why it matters: the regulated channel vs. "screen scraping"

Before open banking, accessing a user's bank data usually meant asking for their credentials and "scraping" their online banking screen. That's fragile and insecure. With an AISP:

The key point: with an AISP, bank data arrives verified at the source (from the bank), not supplied by the user. It's far harder to manipulate than a PDF or a screenshot.

Do I need to be an AISP to use it?

No. The AISP license is held by the provider (for example, YOiD). Your business integrates the service and receives the verified data; the AISP maintains the regulated relationship with the bank. That way you can use reliable bank information — for onboarding, ownership verification or creditworthiness assessment — without applying for a license yourself.

Bank data verified at the source

YOiD Bank Data accesses, as an AISP (Bank of Spain no. 6929), the data the customer authorizes — holder, IBAN, balance and transactions — and delivers it to you verified at the source.

See Bank Data →

Frequently asked questions

What does AISP stand for?

AISP stands for Account Information Service Provider. It's a regulated open-banking role that allows accessing bank account information with the user's consent.

What's the difference between an AISP and a PISP?

An AISP only reads account information (with consent). A PISP (Payment Initiation Service Provider) can initiate payments on the user's behalf. They're distinct PSD2 roles; YOiD operates as an AISP. As a result, an AISP never moves money.

What data can an AISP see?

Only what's within the scope the holder authorizes: typically holder, IBAN, balance and transactions for the selected accounts. Consent is limited and revocable.

Is it safe for my customer?

Yes: the customer authenticates at their own bank and no one handles their credentials. Access is logged and can be revoked. It's the channel European regulation itself designed for this purpose.

What's it used for in practice?

It replaces manual bank documentation with data obtained at the source, with the user's consent. It helps with digital onboarding, bank verification, financial analysis and document-fraud prevention.

Keep reading

IBAN-swap fraud: verifying ownership before you pay → KYC and digital onboarding: verification methods →

Sources: European payment services directive PSD2 and Bank of Spain registers. Informational content, not legal advice.