As a standard for corporate-bank communication, EBICS is here to stay. Originally designed to modernize and replace a previous standard within Germany, it was then taken up by the French banking community, and more recently Switzerland and Austria. As a result, corporates have for many years been able to access all banks in Germany and France and many beyond that, including group-wide EBICS hubs operated by multinational banking groups.
There are good reasons why EBICS has proved to be so popular with corporates: it is cost-effective, and fully supports multibanking. The banks have achieved their aim to establish a flexible and future-oriented and secure framework based on an open, published specification.
Harmonization is certainly positive, but there are hurdles to be overcome. Today, the original EBICS standard lives alongside a special “variant” for France, designed to allow easy migration from the French legacy standard. There are two main differences, both in key areas: the way in which the message contents are identified and the signature/authorization process.
The clearly stated aim of the EBICS 3.0 specification is to define a single, harmonized standard, bringing together the differences and incompatibilities in the current local “dialects”. The specification defines an overall framework, within which there is sufficient room to support national, official and indeed bilateral deviations. The related downside to this “unity with diversity” approach, is a new level of complexity which has to be understood and recognized by the many applications on the market supporting EBICS.
Perhaps the most significant change within EBICS 3.0 is the way in which transaction types are recognized and validated. The current – mutually incompatible – models used in the standard and the French variant has been replaced by a new overriding framework, using Business Transaction Formats (BTF). These provide a level of flexibility to support diverse formats by using additional parameters which are required for each transaction type. This means that the definition “owners” (the country banking bodies) have extensive freedom to design the information needed for these definitions. This versatility however introduces new levels of complexity and creates special challenges for applications used in the international environment at banks and corporates, because they must reliably support the BTF variants of all involved parties.
Alongside this are changes aimed at harmonizing the exchange authentication keys and personal signatures, by settling on the use of X.509 certificates. However, again there remain differences, for instance in how these are handled and the validity of the certificates. The consequence is that solution providers must ensure support for both options within the application.
With EBICS 3.0, a standardized framework is now available with the flexibility for adaptation to multiple, varying requirements, but also new levels of complexity. In addition, EBICS 3.0 will only take its place in the market gradually, so cross-compatibility with the EBICS 2.5 version will remain essential for the coming years. For this reason, banks and corporates will need to be confident of working with an experienced and future-oriented partner with a considered and professional approach to mastering the challenges. As a pioneer and leading solution provider for EBICS solutions, Omikron is well-prepared to meet these challenges.
For full cross-border compliance, it is necessary to ensure ongoing compatibility between the different solutions on the market, across different countries. Omikron’s solutions are designed to meet these expectations and to be adapted easily to support any changes or additions to the underlying national specifications.
More detailed background information on the EBICS 3.0 standard and how to make the most of the opportunities is provided in our whitepaper.