.png)
Open Banking In India- how it operate
- Anand Nerurkar
- Oct 13
- 6 min read
Open Banking as a regulatory mandate like PSD2 (EU) or OBIE (UK) is not formally adopted in India yet.
However, India follows a different but conceptually similar model — one that is broader, consent-driven, and ecosystem-based rather than purely API-regulated.
🇮🇳 Open Banking vs India’s Data Sharing Frameworks
Aspect | EU/UK (PSD2/OBIE) | India (Account Aggregator / Open Finance) |
Regulatory Owner | European Commission / CMA (UK) | RBI (Reserve Bank of India), NPCI, and FIU |
Regulation Type | Mandatory for all banks (legal directive) | Voluntary participation under Account Aggregator (AA) framework |
Security Model | OAuth2 + OIDC + FAPI | DEPA (Data Empowerment and Protection Architecture) — consent-based |
APIs | Standardized by OBIE / Berlin Group | Standardized by ReBIT (RBI’s IT arm) for AAs |
Participants | Banks, FinTechs, TPPs | Financial Information Providers (FIPs), Financial Information Users (FIUs), Account Aggregators (AAs) |
Use Cases | Payments, Account Aggregation | Loan underwriting, personal finance, wealth management |
Consent Handling | OAuth2/FAPI | Consent artifacts digitally signed via AAs |
🔍 India’s Equivalent: Account Aggregator (AA) Framework
🎯 Objective:
To allow customers to securely share their financial data (bank accounts, mutual funds, insurance, GST data, etc.) with regulated entities with explicit consent.
🧩 Participants:
Entity | Role |
FIP (Financial Information Provider) | Banks, NBFCs, Mutual Funds — who provide data |
FIU (Financial Information User) | Lenders, Advisors — who consume data |
AA (Account Aggregator) | Consent Manager — facilitates encrypted data sharing |
Customer | Grants consent and owns data |
🔐 How It Works (Simplified Flow)
User Initiates – At a lending or wealth app (FIU).
AA Consent Request – App redirects to the user’s Account Aggregator.
User Approval – Customer reviews and signs consent digitally.
AA Fetches Data – From linked FIPs (banks, NBFCs, etc.).
Encrypted Data Transfer – Data securely transmitted to FIU.
Audit + Expiry – Consent and access automatically expire after defined duration.
🧠 Underlying Tech Architecture
Layer | Description |
API Gateway (AA Platform) | Exposes secure APIs for FIPs and FIUs. |
Consent Artefact Management | Uses digitally signed JSON artefacts. |
Encryption/Decryption Service | End-to-end encrypted payloads between FIPs and FIUs. |
Identity & Access Management | Aadhaar-based identity or mobile OTP verification. |
Registry Service | Maintains AA participants and metadata. |
🏗️ Architecture Overview (Text Form)
Actors:Customer → Account Aggregator → FIP (Bank) → FIU (Lender)
Flow:
Customer → [AA App] → Consent Approval → [AA Consent Service]
AA → [FIP APIs] → Fetch Financial Data → [Encrypted Payload]
AA → [FIU APIs] → Deliver Data → [Data Utilization for Credit Decision]
Standards: RESTful APIs, JSON, JWE/JWS, DEPA schema
Security: Public key cryptography, token-based authentication
Auditability: All consents, requests, and revocations logged
💡 Why It’s “Open Banking-Like” but Not “Open Banking”
Feature | India (AA) | PSD2 (EU) |
Regulatory enforcement | Optional, framework-based | Mandatory, directive-driven |
API standardization | Partial (ReBIT specs) | Complete (OBIE / Berlin Group) |
Third-party access | Only licensed FIUs via AA | Any registered TPP |
Data portability scope | Financial data only | Financial + payment initiation |
Consent standard | DEPA-based | OAuth2/FAPI-based |
🌐 UAE & Global Context
The UAE Central Bank (CBUAE) is now rolling out an Open Finance framework aligned with PSD2, but with regional adaptations — similar to Saudi Arabia (SAMA) and Bahrain.
“While India follows the Account Aggregator model under RBI’s DEPA framework, the UAE is adopting a PSD2-aligned Open Banking standard. I’ve worked with both models conceptually — India’s consent-based sharing and the EU’s FAPI/OAuth2-based trust framework — which gives me cross-regional interoperability understanding.”
✅ Open Banking in India: Current Landscape (as of 2025)
India's open banking ecosystem is evolving rapidly, driven by regulatory frameworks and technological advancements. The Reserve Bank of India (RBI) has been instrumental in promoting open banking through initiatives like the Account Aggregator (AA) framework and the Regulatory Sandbox. These efforts aim to facilitate secure and consent-based data sharing between banks and third-party providers.
However, the adoption of open banking APIs by banks has been gradual. While some banks have begun to open their APIs to fintechs, widespread implementation is still underway. The RBI's push for digital transformation and the increasing demand for innovative financial services are encouraging more banks to develop and expose their APIs.
🧩 Case Study: Perfios & NeSL Collaboration
A notable example of open banking in India is the partnership between Perfios, a B2B SaaS company, and NeSL (National E-Governance Services Ltd), a government-regulated financial record-keeping agency. This collaboration aims to use AI and smart data tools to provide lenders with early signs of borrower stress, enhancing credit risk assessment and decision-making processes. The Times of India
🔍 Step-by-Step Overview of the Open Banking Process
Customer Consent: The process begins when a customer provides explicit consent to share their financial data with a third-party provider (TPP), such as a fintech application.
Data Access via APIs: With consent, the TPP accesses the customer's financial data through open banking APIs provided by the bank. These APIs allow secure data sharing, ensuring privacy and compliance with regulatory standards.
Data Utilization: The TPP analyzes the shared data to offer personalized financial services, such as credit scoring, budgeting tools, or loan recommendations.
Service Delivery: Based on the analysis, the TPP delivers the tailored financial service to the customer, enhancing their financial experience.
🏦 Banks Offering Open Banking APIs
While specific details about all Indian banks offering open banking APIs are limited, some banks are beginning to provide API access to fintechs. For instance, Axis Bank and Airtel Payments Bank are participating in a pilot program enabling e-commerce payments via ChatGPT, integrating India's Unified Payments Interface (UPI) with AI platforms. Reuters
📈 Future Outlook
The open banking landscape in India is poised for significant growth. The market is expected to reach USD 7.5 billion by 2030, driven by advancements in digital public infrastructure, regulatory support, and increasing fintech innovation. The Digital Fifth
As more banks develop and expose their APIs, and as fintechs continue to innovate, open banking is set to transform the financial services sector in India, offering consumers more personalized and accessible financial solutions.
As of 2025, several Indian banks are actively offering open banking APIs, facilitating seamless integration with fintech applications. Here's a detailed overview of key banks providing these APIs and examples of fintech collaborations:
🏦 Banks Offering Open Banking APIs
1. Axis Bank
API Offerings: Axis Bank provides over 200 retail APIs and 51 corporate APIs, covering services such as cards, deposits, loans, payments, trade, and collections.
Developer Portal: The Axis Bank API Portal serves as a gateway for fintechs to access these APIs.
Use Case: Axis Bank's open APIs enable businesses to integrate banking services directly into their platforms, streamlining operations and enhancing customer experiences.
2. Airtel Payments Bank
API Offerings: Airtel Payments Bank offers APIs that facilitate digital banking services, including payments and account management.
Developer Portal: The Airtel Payments Bank Developer Portal provides access to these APIs.
Use Case: Airtel Payments Bank's APIs support fintech applications in delivering financial services to a wide customer base, leveraging Airtel's extensive network.
3. Federal Bank
API Offerings: Federal Bank offers a robust API Banking platform, extending a wide array of API services to various fintechs, corporates, and technology companies.
Developer Portal: Access to Federal Bank's APIs is available through their API Banking Portal.
Use Case: Federal Bank's APIs enable fintechs to integrate banking functionalities into their applications, enhancing service offerings and operational efficiency.
4. Shivalik Bank
API Offerings: Shivalik Bank offers a robust API suite that enables businesses to leverage open banking capabilities, allowing for seamless integration and enhanced customer experiences.
Developer Portal: Shivalik Bank's API suite is accessible through their API Developer Portal.
Use Case: Shivalik Bank's open banking APIs support fintech applications in delivering personalized financial services, fostering innovation in the fintech ecosystem.
🤝 Fintech Collaborations Utilizing Open Banking APIs
1. Axis Bank & Postman
Integration: Axis Bank partnered with Postman to build its open API platform, facilitating seamless integration of banking services into fintech applications.
Outcome: This collaboration has enabled fintech developers to access and integrate Axis Bank's APIs efficiently, accelerating the development of innovative financial solutions.
2. Airtel Payments Bank & I4C
Integration: Airtel Payments Bank integrated its systems with the Indian Cybercrime Coordination Centre's (I4C) real-time API, enhancing security measures for digital transactions.
Outcome: This integration has strengthened customer security by enabling real-time information sharing between Airtel Payments Bank and I4C, allowing for prompt action against financial fraud.
🔍 Summary
The open banking landscape in India is evolving, with several banks offering APIs that facilitate seamless integration with fintech applications. These collaborations are fostering innovation and enhancing the delivery of financial services to a broader customer base.
Comments