App-to-app: what is this booming authentication process?

App-to-app shopper authentication is booming, since the implementation of the PSD2 directive in 2018. Based on strong authentication, it allows certified third parties, like us, to simply and much more securely connect to many banks' mobile apps. And its use is crucial for the development of open banking. We explain it all to you, with Benoit Mouret, our Head of Product.

What is App-to-app?

App-to-app (or App2App) is the mechanism by which a mobile application can authenticate its users through another mobile application in complete security. This means that when the application is installed on your phone, you are not asked for your login and password again. This is a strong authentication solution for shoppers. It allows mobile applications performing authentication to offer a simplified and faster process, as long as the shopper already has a native application installed on his mobile device, managed by the owner of the server initiating the authorization (his bank, in this case).

With open banking, we have moved from web scraping, which consists in extracting data from a website to use it in another context (usually by re-entering one's login and password on another platform), to authentication via APIs respecting the DSP2 (app-to-app).
Thanks to the latter, shoppers no longer need to identify themselves twice: once they have installed their bank's application on their smartphone, they can authenticate a transaction via a simple fingerprint or with FaceID, during checkout.

"Authenticating in DSP2 is now as easy as validating an e-commerce transaction", says Benoit Mouret, Head of Product at Spaycial.

Until now, one of the main obstacles to authentication validation was the bank identifier, which the shopper generally did not know by heart. Thanks to App-to-app, there is no need to memorize long strings of numbers, as the interconnection between the banking applications and the third party makes authentication immediate.

How does App-to-App work?

Here are the steps of account linking through the App-to-app process as we do it, in summary.

• He must have entered his bank details on this account in order to be able to make transactions. When connecting to his banking application by app-to-app, the shopper gives his consent to transform his bank card into a loyalty card.
• The user selects his bank.
• He authenticates himself through app-to-app (strong authentication via FaceID, code entry, fingerprint...). He does not have to fill in his login details to connect to the third-party app.
• The shopper validates the subscription to the program, and thanks to his purchase can get an immediate refund or other benefits included in the loyalty program.
  
  

What are the benefits of App-to-app for shoppers and retailers?

A better loyalty of the shopper thanks to a better service

Benoit Mouret confirms: "We have observed that over the last 12 months, following the implementation of strong authentication via app-to-app, the conversion rate at our retailers has increased by 33% compared to authentication by scraping".

With the ease of use and security it provides, it's a better experience in the long run, making shoppers more loyal.

A smoother, more secure experience for the customer

Going through PSD2 authentication also means a more secure experience for shoppers. Throughout the process, shoppers navigate in a more secure environment (authorization is done directly on the bank's interface, which is more reassuring). Moreover, consent is systematically requested, and Spaycial being a certified bank aggregator, the transaction is done in full confidence.

In a word, the app-to-app authentication mechanism is an important step forward in the application of PSD2 and the evolution of banking services. By enabling a smoother experience for the user and better results for brands, it contributes to the popularization of open banking and paves the way for new payment data management models.