Validated and regulatory confirmed certificates will get a 200 OK with a full JSON response.
Failed validation attempts will get a 4XX http error code instead.
Free PSD2 TPP Trust Chain Validation and Regulatory Approval Confirmations within all European National Competent Authorities for any PSD2 QTSP authored eIDAS Certificate. No need for expensive OB Directories or oldskool PRETA registers. This is the way. 100% Cloud scalable SaaS ready to serve millions of requests per minute.
Check PSD2 validity of any eIDAS, QWAC or QSeal, certificate for free...
Verification performs a Full Trust Chain Validation against valid QTSPs while also checking matching NCA register to confirm PSD2 regulatory approvals.
If valid, the response JSON will display validation data and regulatory data.
Why CVaRC* is a must in order to comply with regulations.
Certificate Validation alone is not enough to allow TPPs access to your PSD2 APIs. It must be matched and confirmed with Regulatory Approvals (that might change over time) which makes it necessary to perform not once but rather for every SCA session. *CVaRC = Certificate Validation and Regulatory Confirmation.
TPP Request PSD2 API
>eIDAS QTSP Issuer check ✅
Expiry date ✅
Revoke status ✅
Certificate Validation
+
Regulatory Confirmation
=Realtime NCA Registry LookupPSD2 Role/permission Check ✅
Confirming origin NCA approvals ✅
Access Granted or Rejected
Automation rocks. Let's go.
The whole purpose of an API would be to integrate it with another system. Automation. This service have been designed to simplify integration as much as possible.
When others claim weeks of integration we say it can be done in hours or days.
Endpoint
With our new V2 there's only one endpoint to work with. Support for POST PEM, with GET for serials available to Premium subscribers only.
Scalability
All heavy lifting is done server side. Add Request parameters to let the backend do the complete compliance validation.
Integration
All responses delivered as valid JSON enables for integration the way it fits your environment. Use Request Parameters to get booleans.
Untangle Compliance. Go Premium.
Start a trial or request a subscription to unlock features that will help you enable full compliance including options for automated risk management and incident reporting. With Boolean responses we open up the world to extremely fast integrations, such as direct integration with the ruleset of a loadbalancer or firewall.
Request Parameters
Enables unique per request specific compliance responses. Validate every request, select or session based compliance?
Boolean Responses
From Request Parameters you will automatically get Booleans for simplified integration directly in your firewall.
Audit Log API
Enables easy access to every requests full JSON response which also enables automated incident reporting.
With Premium comes great benefits.
Exclusive insights aggregated from Europe's growing Fintech scene.
With our cutting-edge service, you can effortlessly access unique and invaluable insights from various regions in Europe. Our extensive network of sources ensures that you get the most comprehensive and up-to-date information that will give you a competitive edge.
Live Risk and Threat assessments.
We understand the importance of staying on top of potential risks and threats that may affect your operations. That's why we offer a convenient solution that allows you to handle such issues efficiently. With our service, you can receive regular reports on revoked or removed Qualified Trust Service Providers (QTSPs) and Third-Party Providers (TPPs), allowing you to take proactive measures to protect your business.Real-time analysis of growth trends with unique traffic data.
By the help of our service, you can keep track of the most active TPPs and monitor their growth trends. By staying up-to-date with their aggregated API requests all over Europe, you can adjust your business strategy and stay ahead of the competition.
Streamline your incident reporting process by automation.
Reporting incidents to local Competent Authorities can be a time-consuming and complicated process. Our service offers an automated incident reporting feature that simplifies the process for you. With just a few clicks, you can submit your incident report to the relevant authorities, saving you time and effort.
GET Premium. Simply to simplify.
The whole purpose of an API would be to integrate it with another system. Automation. This service have been designed to simplify integration as much as possible.
When others claim weeks of integration we say it can be done in hours or days.
Endpoint
Premium subscription unlocks the GET operator making it even simpler to validate incoming requests. Extract and submit the incoming certificates serial number.
Responses
Using Request parameters you also unlock request specific compliance while also letting the backend perform the heavy lifting and recieve a simple to integrate boolean response.
Fallback
As a fallback all responses may optionally also still be delivered with the full JSON response depending on your suitable integration needs. Parameters enables Booleans.
Here's some topics covered by using
TPP Validation's Services.
The PSD2 Regulations leaves a lot to the market and compliance departments. There are however some severe potential risks you need to consider and probably mitigate.