Question ID: 3478 - DORA 281
Regulation Reference: (EU) 2022/2554 - Digital Operational Resilience Act (DORA)
Topic: ICT risk management (DORA), ICT third-party risk management (DORA)
Article: 3(21)
Status: Rejected
Date of submission: 09 Dec 2025
Question
Should the definition of ICT service in article 3.21 be deemed to include "Tap to Pay" services where bank customers enroll and digitise their payment cards by using an application in hardware supporting Near Field Communication (e.g. smart phones, smart watches etc.) and which are then used to do payments?
Background of the question
The background of the question is that there is a perceived ambiguity if such Tap to Pay services could be deemed an ICT service under the DORA framework. Normally, the providers of such Tap to Pay services have an agreement with a bank regarding the commercial and legal terms for the Tap to Pay service. Such agreement may include provisions on remuneration to be paid by the bank to the service provider (e.g. a fixed fee per enrolled card and/or a variable fee based on e.g. transaction volume). However, the Tap to Pay services are typically delivered to the bank customers directly (pursuant to agreement between the customer and the Tap to Pay service provider). Then the question arises if the Tap to Pay service may be deemed an ICT service even though the service is not delivered to the bank per se, but instead to its customers using their own payment card in the process for the Tap to Pay service. To this end, it is also unclear if the term "external users" in article 3.21 in DORA may include customers of a bank. There are a number of such "Tap to Pay" services on the market today (e.g. Apple Pay, Google Pay, Vipps Tap to Pay, Samsung Pay, Garmin Pay, etc.).
EIOPA answer
The question is rejected because the matter it refers to has been answered in Q&A DORA161.