Open Finance Glossary

A

AIS Account Information Service: A service that provides consolidated information on payment accounts held by a user at other payment service providers.
ASPSP Account Servicing Payment Service Provider: A payment service provider (typically a bank) that holds customer payment accounts and provides access to account data through APIs.
Al Tareq: The official UAE Open Finance platform operated by Nebras, providing the technical infrastructure for secure data sharing between financial institutions and TPPs.
API Application Programming Interface: A set of protocols and tools that allow different software applications to communicate with each other.

BDSP Banking Data Service Provider: A TPP authorized to access account information on behalf of customers. Can aggregate data from multiple banks.
BSIP Banking Service Initiation Provider: A TPP authorized to initiate payments on behalf of customers from their bank accounts.

CBUAE Central Bank of the United Arab Emirates: The regulatory authority overseeing the UAE Open Finance framework and licensing of financial institutions.
Consent: Explicit authorization given by a customer to a TPP to access their financial data or initiate payments on their behalf.
CoP Confirmation of Payee: A name-checking service that verifies the recipient's name before a payment is made, helping prevent misdirected payments.

Directory Trust Framework Directory: A registry of all approved participants in the Open Finance ecosystem, including banks, TPPs, and their roles.

FAPI Financial-grade API: A security standard specifically designed for high-risk financial APIs, providing enhanced protection against attacks.

ISP Information Service Provider: A type of TPP that provides account aggregation and information services to customers.

LFI Licensed Financial Institution: A bank or financial institution licensed by CBUAE to operate in the UAE.

mTLS Mutual Transport Layer Security: A security protocol where both client and server authenticate each other using digital certificates.

Nebras: The operator of the Al Tareq platform, responsible for the technical and operational aspects of UAE Open Finance infrastructure.

OAuth Open Authorization: An open standard for access delegation, commonly used to grant websites or applications access to information without sharing passwords.
Open Banking: A system where banks and other financial institutions share customer data with third parties via APIs, with customer consent.
Open Finance: An extension of Open Banking that includes sharing of data beyond payment accounts, such as insurance, investments, and pensions.

PIS Payment Initiation Service: A service that initiates a payment from a customer's bank account at their request.
PKCE Proof Key for Code Exchange: An extension to OAuth 2.0 that prevents authorization code interception attacks.
PSP Payment Service Provider: An organization that provides payment services such as processing transactions or enabling payments.

Raidiam: The technology provider powering the UAE Open Finance trust framework and directory services.

Sandbox: A testing environment that allows TPPs to develop and test their applications without affecting real customer data.
SCA Strong Customer Authentication: Multi-factor authentication required for accessing payment accounts or initiating transactions.

TPP Third Party Provider: An organization authorized to access customer banking data or initiate payments on their behalf, typically fintechs and payment providers.
Trust Framework: The legal, regulatory, and technical rules governing how participants interact within the Open Finance ecosystem.