Açık bankacılık, en basit anlatımı ile üçüncü kişi hizmet sağlayıcılara, kullanıcıların izinleri dahilinde inansal bilgilerine erişmelerini ve işlem gerçekleştirebilmelerini sağlayan güvenli bir yöntem olarak tanımlanabilir. Bu sayede bu bilgilere erişen üçüncü kişi hizmet sağlayıcılar tarafından müşteriler için yeni inansal ürün ve hizmetlerin geliştirilebilmesi, inansal ürün ve hizmetlere ilişkin şeffalık ve rekabetin artırılması ve böylece müşteriler için inansal hayatın kolaylaştırılması ve müşteri deneyiminin artırılması hedeleniyor.
Açık bankacılık, üçüncü kişi hizmet sağlayıcıların kullanıcıların finansal bilgilerine onların rızaları ile ve belirlenmiş koşullarla erişmelerine imkan sağlayan API gibi güvenli yöntem ve teknolojiler, olarak tanımlanabilir.
Açık bankacılığın makro amaçları:
In its simplest form, open banking can be defined as a secure method that lets third-party service providers access users’ financial information and carry out transactions — within the limits of the users’ consent. This allows those third-party providers to develop new financial products and services for customers, to increase transparency and competition in financial products and services, and thereby to simplify customers’ financial lives and improve their experience.
Open banking can be defined as a set of secure methods and technologies — such as APIs — that enable third-party service providers to access users’ financial information with their consent and under defined conditions.
The macro goals of open banking:
Open banking is a system that lets bank account data and payment-initiation rights be shared with licensed third parties over secure APIs, with the user's explicit consent. In short, it lets you view and manage all your bank accounts from a single app.
A user grants an app permission to access their bank data; the app obtains that access through the bank's APIs, with strong authentication the user performs at their own bank. Banking passwords are never shared with the third party.
Yes. Access is built on bank-grade standards like FAPI 2.0, OAuth 2.0 and mTLS; every action is approved at the user's bank and consent can be revoked at any time. The third party never sees your banking credentials.
An AISP (Account Information Service Provider) is the licensed party that reads bank account data with the user's consent. Kobaküs does not hold this role itself; it provides the infrastructure while a licensed partner is the AISP.
A PISP (Payment Initiation Service Provider) is the licensed party that initiates a payment from the bank account with the user's consent. Kobaküs provides the infrastructure while a licensed partner is the PISP.
AIS (account information) reads data: it accesses balances and transaction history. PIS (payment initiation) takes action: it starts an account-to-account payment. They are the two core services of open banking.
For the end user, open banking is typically free. Businesses pay an infrastructure/service provider (e.g. Kobaküs) on a usage basis; with Kobaküs the sandbox is free and you pay per transaction in production.
Yes. In Türkiye, open banking operates under TCMB regulations and the data-sharing framework; account information and payment initiation services are provided by licensed institutions.
Only the licensed providers you explicitly authorize, and only within the scope you grant. Consent is time-bound and limited, and you can revoke it whenever you want.
Many use cases are possible: seeing all accounts in one screen, card-free instant payments, automated budgeting, income/expense verification, faster loan applications and multi-bank cash management.