Nina Stoyanova: The future of money

Speech by Ms Nina Stoyanova, Deputy Governor and Head of the Banking Department of the Bulgarian National Bank, at the Manager Magazine Fourth Banking and Finance Forum "The Future of Money", Sofia, 20 October 2021.

The views expressed in this speech are those of the speaker and not the view of the BIS.

Central bank speech  | 
08 December 2021

Thank you for inviting me to open today's fourth Banking and Finance Forum on the topic of The Future of Money.

New technologies are changing the financial sector today and leading to the offering of increasingly diverse and convenient payment products in a highly competitive environment. The policies of the European Commission, the European Central Bank and national regulators are aimed at catalysing this process, to exploit more fully the potential offered by technology and to achieve cheaper, safer and more accessible payment solutions. The dynamics of the processes in Europe is also fully valid for our country.

Data on payments processed by payment systems in our country show a significant growth. For the first six months of 2021, the value of payments made through the BNB-operated Real-time Gross Settlement System in BGN (RINGS) increased by 30% compared to the first half of 2020, while for the same period the value of payments in euro through the national component system of the large-value payment system in euro – TARGET2-BNB increased by 65.7%. I would like to touch briefly on some of the recent technological developments in the field of payment services in the European Union and in our country.

Security of payments

The rapid development of e-commerce in recent years and the increased use of electronic channels to initiate payments pose new challenges related to ensuring the security and customers' data. As of September 2019, it has become mandatory in Europe to implement strong customer authentication. This means that when an electronic payment is initiated, at least two independent elements from different categories – knowledge, possession and inherence – must be used in the process. In the case of remote payment transactions, e.g. via internet, an additional requirement is introduced to perform so-called dynamic linking – linking the code for each transaction to a specific amount and a specific payee. These requirements are implemented by the payment service providers in our country.

For the practical implementation of these regulatory requirements, new technologies are again coming to the rescue. Recently, biometric authentication has shown great potential by providing verification of elements characterising the user: fingerprint, iris scanning, facial recognition, etc. Many payment service providers in Bulgaria have already introduced similar customer identification methods using mobile banking applications. Apart from convenience, this leads to a significant increase in the security of the payment process, allowing the use of biometric data for customer identification.

On the occasion of the forthcoming review of the Second Payment Services Directive, a comprehensive assessment of the impact of strong customer authentication on the level of payment fraud is to be carried out. Opportunities are also being explored for the use of electronic identification and certificate-based solutions to meet the requirements for strong customer authentication at account login and initiation of payment transactions.

Mobile technologies

With the advancement of technologies, the smartphone is being established as an increasingly universal tool capable of combining a wide variety of functions. Nowadays the smartphone is also becoming a tool for initiating payments. This is possible thanks to services like digitalisation of payment cards, the use of digital wallets, and mobile banking applications.

In recent years, work has been done towards the potential use of smartphones as devices for receiving physical card payments. This has become possible due to technical standards1 developed by the Payment Card Industry Security Standards Council2. These standards allow the use of NFC-enabled mobile devices, such as smartphones and tablets, for accepting contactless payments and also for the payer to enter a PIN code on the screen of the mobile device. Thus, mobile devices are becoming a sort of software POS terminals capable of accepting payments with payment cards and other payment instruments integrated into the mobile phone. We also already have payment service providers that offer this software POS service. This will make contactless payments easier and more convenient to the customers and merchants in Bulgaria.

Another new possibility is a payment transfer via telephone conducted between accounts with payment service providers where a mobile telephone number is indicated instead of an account number, based on a technology that allows linking the telephone number to the IBAN account number. This service is also already offered on the Bulgarian market. All this follows the trend of increased usage of mobile payment solutions in Europe.

Open banking

The new payment initiation and account information services, regulated by the Second Payment Services Directive, create conditions for implementing the so-called 'open banking'. This allows the entry of new participants in the payments market and the development of innovative services as well as value-added customer solutions.

In order to comply with the regulatory requirements, the banks in Europe, including those in Bulgaria, preferred to choose the development of dedicated interfaces, known as 'application programming interfaces' or 'APIs', to the possibility of modifying their client interfaces for access. The advantages of dedicated interfaces are considerable – they have a higher degree of security, speed and are capable of accepting a large number of simultaneous requests. However, the use of dedicated interfaces also presents a great deal of challenges – their development is a costly and complicated process which requires coordination between various units of the banks, their external developers, and the providers of the new services. Main priority is ensuring the security of the processes, without compromising their functionality.

Insofar as the legal provisions of Delegated Regulation (EU) 2018/3893 are more general, its practical application raises many issues that require additional clarification. To this end, in 2019 the European Banking Authority (EBA) established a Working Group on APIs under PSD24. Within this group, representatives of the EBA, the national competent authorities, the European Commission, and the European Central Bank consult the market participants (banks, third party providers and industry organisations) and identify potential practical implementation problems and possible solutions thereof.

Based on the consultations, by 31 July 2021 the EBA has published clarifications on 31 issues relating to the practical application of the requirements for APIs. With the aim of converging the supervisory practices among the Member States of the European Union, in June 2020 the EBA published its Opinion on obstacles under Article 32(3) of the regulatory technical standards on strong customer authentication and common and secure open standards of communication (EBA/OP/2020/10)5. The work on the raised issues is still going on via the Q&As published by the EBA6.

The Bulgarian National Bank, in its capacity as a regulator, has active communications with the market participants with the aim of improving the functionality of the dedicated interfaces already built by the banks in the country. The process is developing in line with the European progress and in compliance with the legal framework, the opinions and clarifications published by the EBA. The first authorised in Bulgaria providers of the two new payment services started their activities in 2020.

In conclusion, we can sum up that the trends in Europe are related to the development of a single European payments infrastructure based on common standards and instruments, aiming to ensure a pan-European scope and reach. Instant payments, which are in a process of introduction also in Bulgaria, open banking, and the increasing use of mobile technologies are topical issues both in the country and in the European Union, issues that we will continue to talk about. The payment services in Bulgaria are evolving in line with the dynamic processes in Europe, gathered around digitalisation, new technologies, and the ensured security of the payment process.

1 Contactless Payments on consumer off-the-shelf devices (COTS) and Software Based PIN Entry on COTS

2 Payment Card Industry Security Standards Council (PCI SSC)

3 Commission Delegated Regulation (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common and secure open standards of communication (RTS on SCA and CSC)


5 Opinion of the European Banking Authority on obstacles under Article 32(3) of the RTS on SCA and CSC