Open Banking Payments: What's Actually Shipping in 2026

Open banking payment initiation has been "about to disrupt card payments" for eight years, and its progress sits squarely within the PSP and infrastructure transformation reshaping digital commerce. The actual data tells a more nuanced story: PISP volumes are real in specific use cases, meaningful in specific markets, and almost entirely absent from general e-commerce checkout. Understanding which use cases have crossed the adoption threshold — and why the others haven't — is more useful than another macro prediction about the card network's demise.

The Promise vs The Gap

The theoretical case for payment initiation services (PISP) replacing card payments is straightforward: direct bank-to-bank transfer at near-zero settlement cost, no interchange, no chargeback risk for merchants, settlement in seconds. Against a 1.5-2.5% card MDR, the economics are compelling on paper.

The practical barrier is UX friction. A card checkout flow at a modern merchant — especially with stored credentials and tokenization — takes three clicks and two seconds. A PISP checkout flow requires: selecting "Pay by Bank," being redirected to a bank consent screen, authenticating (biometric or OTP), confirming the payment amount and recipient, being redirected back to the merchant. Four to six steps, two redirects, 30-60 seconds in an optimistic scenario.

Payment completion rates correlate directly with checkout step count. Every additional screen costs conversion. The PISP flow is structurally longer than the card flow for the majority of merchant contexts, and no amount of UX improvement within the PISP framework changes the redirect requirement.

The result: PISP volumes are real but concentrated in use cases where either the card flow doesn't exist (cash-preferred consumers), the merchant has restricted card acceptance, or the transaction size makes the MDR savings material enough to offset conversion cost.

UK — The Most Developed PISP Market

The UK has the most functional PISP infrastructure globally and the highest merchant adoption. Open banking user connections reached 16.5 million by December 2025, up from 12.1 million a year earlier, and open banking payments totalled 351 million transactions across 2025 — a 57% year-on-year increase (Open Banking Limited, December 2025). Monthly payment counts hit nearly 33 million in November 2025.

Where it's working:

Utility and bill payments. Direct Debit is the incumbent — a 50-year-old system that requires a mandate setup and takes 3-5 days to process. PISP-based bill payment initiated in-app via Open Banking delivers instant confirmation and no mandate overhead. Energy companies, telecoms, and insurance providers have deployed PISP as a Direct Debit complement for one-time payments and for consumers who don't have direct debit set up. PISP is winning share from Direct Debit here, not from cards.

Gambling top-ups. UK financial regulations restrict some credit cards from being used for gambling. Debit card use for gambling was restricted in 2020. PISP fills the gap — a bank account-backed instant payment that is not a card, complying with the regulatory restriction. PISP has captured a significant portion of online gambling top-up volume as a direct regulatory consequence.

HMRC tax payments. The UK government actively promotes Pay by Bank for tax payments. No surprise: government has no conversion optimization concerns, and saving 0.35-0.5% processing cost on billions in annual tax payments has material value.

What isn't working yet: general e-commerce checkout. Despite multiple "Pay by Bank" checkout integrations from Plaid, TrueLayer, and GoCardless, consumer adoption in retail checkout remains below 5% where it's offered. The redirect friction is the ceiling — but that ceiling is now being tested at scale: Amazon UK switched on Pay by Bank at checkout in February 2026 via TrueLayer, and eBay followed the same month. If pay-by-bank holds share at the largest retail checkouts, the sub-5% figure has room to move; if not, the friction argument stands.

Variable Recurring Payments (VRP). The more interesting UK development is VRP — a PISP mechanism allowing recurring payments with consumer-set limits, as a direct alternative to Direct Debit or subscription card billing. "Sweeping" VRP (moving money between your own accounts) is live and working for cash management use cases. Commercial VRP (a business pulling from your account on a schedule) crossed from pilot to production on 2 June 2026, when the UK Payments Initiative (UKPI) scheme went live — funded by 31 firms including NatWest, Nationwide, TrueLayer, GoCardless, and Plaid, with Wave 1 covering utilities, regulated financial services, government, and charities under a multilateral agreement that sets a single, centrally managed per-transaction price. The FCA and the Payment Systems Regulator confirmed in January 2026 they would not open competition investigations into the Phase 1 pricing arrangements, and Wave 2 — general e-commerce — is expected in the second half of 2026. cVRP is the most interesting PISP product in the market — a subscription mechanism with no card on file, no expiry risk, and near-zero MDR.

EU — PSD3 Agreed, and What It Actually Changes

PSD2 PISP in the EU has been disappointing relative to its mandate. The problem: the regulation required banks to provide APIs for PISP access, but did not specify quality standards for those APIs. The result is 200+ bank APIs across EU27 with inconsistent availability, inconsistent data fields, and inconsistent authentication flows. Some bank APIs have uptime rates below 90%. PISP providers building on EU bank APIs spend more time handling API failures than processing payments.

PSD3, which is designed to address these failures, now has a locked timeline — operators building for the EU should consult the PSD3 and PSR implementation checklist for 2026 for the operational detail. The European Parliament and Council reached provisional political agreement in November 2025, the final compromise texts were published in April 2026, and publication in the Official Journal is expected in the second half of 2026. The PSR — a directly applicable regulation — applies roughly 21 months after entry into force; PSD3 gives member states 18 months to transpose into national law. Full effect: 2028.

What PSD3 actually changes when it arrives: dedicated interface (API) requirements with uptime SLAs (banks must maintain 99.5% uptime for their Open Banking APIs), removal of the screen-scraping fallback (which PSPs currently use when bank APIs fail), enhanced consent management, and a VRP-equivalent mechanism for EU markets. PSD3 also tightens SCA requirements in ways that may further advantage PISP over card for some merchant categories. The EU Instant Payments Regulation compliance requirements form the baseline that PSR builds on for PISP access rules — and that baseline is now live: since 9 October 2025, euro-area PSPs must run Verification of Payee name checks on every SEPA credit transfer, instant or standard, a check PISP-initiated payments inherit.

Until transposition, EU PISP remains operationally unreliable in most markets outside the Nordics (where bank API quality is higher) and the Netherlands (where iDEAL effectively is PISP, with approximately 70–73% e-commerce checkout share as of 2025, per Currence/iDEAL data). For operators entering the EU market, PISP is a secondary payment method at best until PSR's API requirements take effect in 2028.

Australia — CDR Action Initiation and PayTo

Australia's Consumer Data Right expanded to include Action Initiation in 2024-2025, allowing Accredited Data Recipients to initiate payments on behalf of consumers via CDR. The infrastructure exists; adoption is thin. The use cases in live deployment are largely B2B invoicing, insurance payments, and government services — not retail e-commerce.

The more practically important development is PayTo — the New Payments Platform's (NPP) mandate framework. PayTo allows businesses to create pre-authorized payment mandates with consumers, enabling NPP-backed debits that function like Direct Debit replacements. PayTo mandates are real-time, can be managed by consumers through their bank apps, and can be initiated by the merchant as variable amounts within consumer-approved limits.

PayTo is a direct competitor to card-on-file subscription billing for Australian merchants, with near-zero MDR. Early deployment is in utilities, subscriptions, and rent payments. Major Australian banks are live on PayTo; adoption by merchants is the limiting factor. The merchant value proposition is clear for recurring billing — no card expiry, no interchange, instant settlement, consumer-managed consent. The conversion at signup (requiring a consumer to set up a PayTo mandate rather than storing a card) is the friction point.

Where Open Banking Payments Actually Win

Stripping out the hype, PISP and open banking payments deliver genuine merchant value in specific scenarios:

High-value B2B payments. A $50,000 trade invoice paid via PISP saves $750 in card MDR. The conversion friction of the PISP flow is irrelevant for B2B — the buyer's AP team doesn't need a frictionless consumer checkout. The economics are compelling and the use case is growing.

Regulated sectors with card restrictions. Gambling (UK), crypto exchanges (many issuers block crypto card purchases), and other regulated categories where card acceptance is restricted by issuers or regulators. PISP is often the primary digital payment method because card is unavailable.

Government and utility payments. Where conversion optimization doesn't apply and MDR savings are material. Both governments and utilities are active deployers.

Subscription and recurring billing with VRP. With cVRP live under the UKPI scheme since June 2026, the subscription use case is now testable in production: consumer-controlled recurring authorization, no card expiry, lower MDR than cards. This is the most interesting near-term PISP opportunity.

Cash-preferred consumers. In markets with significant unbanked or card-averse populations, PISP can be an on-ramp — consumers who have bank accounts but no cards. Less relevant in UK/EU/AU; more relevant in emerging markets with open banking frameworks.

What Operators Should Actually Do

The merchant profile for whom PISP integration is worth pursuing in 2026: B2B payments above £1,000, UK utility or subscription billing, regulated sector with card restrictions, or Australia with a recurring billing use case where PayTo fits.

The merchant profile for whom PISP is not worth the integration effort: general e-commerce checkout, one-time consumer purchases below £100, markets outside UK/Netherlands/Australia where PISP infrastructure is unreliable.

The integration complexity is real. PISP providers (TrueLayer, Plaid, GoCardless) have improved their developer experience significantly, but bank API reliability varies, error handling is complex, and refund workflows for PISP are less standardised than card refunds. Budget for meaningful engineering effort beyond the happy path.

The 2-3 year view: with cVRP live for Wave 1 use cases since June 2026 and Wave 2 e-commerce expected in the second half of the year, and with PSR's API reliability requirements applying from 2028, the subscription and recurring billing use case will meaningfully shift toward PISP for cost-conscious operators. General e-commerce checkout will remain card-dominated unless the redirect friction problem is solved in a way that current implementations haven't achieved.

Open banking payments are real and growing. They're just not growing in the places the press coverage implied they would.