XS2A Core

  • live
  • PSD2

XS2A Core is an interface that provides third-party providers with access to client accounts that are managed by an ASPSP.

Key Challenge for an Account Servicing Payment Service Provider

With the PSD2, the European Union has published a new directive for payment services in the internal market. Among other things, banks are required to have open interfaces for third-party providers so that they have access to banking systems and client accounts.

The XS2A Core Solution from adorsys

XS2A Core is fully compliant with the PSD2 and supplies core services, which are defined by the directive:

- Payment Initiation Service to be operated by a Payment Initiation Service Provider TPP
- Account Information Service to be operated by an Account Information Service Provider TPP
- Confirmation on the Availability of Funds Service to be used by a Payment Instrument Issuing Service Provider TPP

Icon / AuthentificationCreated with Sketch.


Strong Customer Authentication and improved data protection

Icon / endpointsCreated with Sketch.


All mandatory API endpoints defined in Berlin Group specification are implemented

Icon / current versionCreated with Sketch.


Current supported version of NextGenPSD2 XS2A API is 1.3.

Icon / DeveloperCreated with Sketch.


Swagger documentation for all REST API modules

Icon / LikeCreated with Sketch.

Consent Management

System to store and manage consents given by PSU to corresponding TPPs

Icon / moduleCreated with Sketch.


REST API Module to store and read ASPSP-specific configurations for XS2A-features

Icon / loggingCreated with Sketch.


ASPSP operators can track all logically related calls in XS2A

Use Case

Access to Clients Accounts

For the operation of the new services, a TPP needs to access the account of the PSU, which is usually managed by the Account Servicing Payment Service Provider (ASPSP). The PSD2 obligates ASPSP to provide the third-party payment service provider with a (dedicated) interface that can be used to access client accounts in order to initiate transfers (e.g. to online retailers), download account information, or query available card funds.

adorsys-xs2a-core-infographicCreated with Sketch.PISPAISPPIISPASPSP (Bank)AccountsTPP

Ready to start?

For more information, see the
entire open source project on GitHub.

See GitHub

Complete Feature List

Element 24Logo_XS2A SandboxCreated with Sketch.Group 3Created with Sketch.
Payments Service
Consents Service (All Types)
Account Information Service
Payment Instrument Issuer Service
Service for Issuing eIDAS Test Certificates
Developer Portal
Architecture Documentation
Real Bank Emulation and Dynamic Data
Registration of Third Party Providers
Account and User Management
Multilevel SCA
Redirect SCA Approach
Embedded SCA Approach
Decoupled SCA approach
Multiple Testing Flows for
Successful and Unsuccessful Scenarios
Upload of NISP Test Data
Storing PIIS consets in CMS
Storing events and technical logs
Databases suport (h2, postgres, oracle, mariadb)

Product History

  • Project Kick-Off with two Team Members

  • Released xs2a v.1.0

    • Redirect SCA approach
  • Released xs2a v.1.7

    • Based on Berlin Group Specification 1.2.
    • Embedded SCA approach for single payment
  • Implementation of specification 1.3

    • According to the yaml file from Berlin Group in xs2a v.1.15.
    • Support of single, periodic and bulk payment initiation with pain.001 XML message
  • Released xs2a v.1.17

    • Implemented Decoupled SCA approach
    • Start to support of multiple SCA approaches
  • Provide development within two branches

    • Stable branch for version 2.x
    • Development branch for version 3.x
  • Implementation of specification 1.3.4 extentions

    • Stable branch for version 4.x
    • Development branch for version 5.x

Any questions?Ask our expert

René Pongratz

Vice President Marketing/Sales