1. SNAP BI - IMPLEMENTATION
B2B CONCEPT OF IMPLEMENTATION
2. Executive Summary
- What is SNAP-BI
- We will only talk about implementation of B2B
- What is the application architecture
- How is the flow of the transaction
- Stack of technology
- Future features
3. SNAP - BI (Bank of Indonesia)
Payment Open API National Standard, hereinafter abbreviated as SNAP, is
Payment Open API National Standard stipulated by Bank Indonesia in order to
create a healthy, competitive and innovative payment system industry; encourage
integration, interconnection, interoperability, as well as security and reliability of
payment system infrastructure; and/or improve market practices that are sound,
efficient and reasonable in the implementation of the payment system.
4. Stack of technology
- Language : Java (version 17 or above)
- Database : Postgresql (version 15)
- Framework :
- Spring Framework
- Spring Cloud
- Spring Security
- Distributed tracing : zipkin
- ELK (Elasticsearch, Logstash, Kibana)
- OIDC : Keycloak
- Docker / OCP
- Redis
7. Get Token Integration
API
API Gateway
Microservices
Stack
Zipkin
Distributed
Tracing
Elastic Search
Keycloak
Get cert to validate token
Validate signature
SHA256withRSA
Using private key
8. Transaction Integration, Symmetric
API
API Gateway
Database
Cluster
Microservices
Stack
Zipkin
Distributed
Tracing
Elastic Search
Keycloak
Send request
with token
from client
Get cert to validate token
Validate signature
HMAC_SHA512
9. Transaction Integration, Asymmetric
API
API Gateway
Database
Cluster
Microservices
Stack
Zipkin
Distributed
Tracing
Elastic Search
Send request
from client
Validate signature
SHA256withRSA
10. Get Access Token, case : Bank BCA
Gateway Auth Svc OIDC
Search client id and issued
token
Validate signature
SHA256withRSA using public
key
Routing & Forward request
Request token to keycloak
Shared token
Forward token
Shared token
Save token
Request for token
Other
Institution
11. Transaction, case : Symmetric
Other
Institution
Gateway
App
Service
OIDC
Validate signature
Using hmac
Routing & Forward request
Request cert to keycloak
Request for transaction
Validate Token
Response cert
Other
App
Request transfer to core
Action
Shared response
Forward response
Shared response
12. Transaction, case : Asymmetric
Gateway
App
Service
OIDC
Validate signature
SHA256withRSA using public
key
Routing & Forward request
Request for transaction
Other
App
Request service to other service
Action
Shared response
Forward response
Shared response
Other
Institution