4. PSD2 Overview
Main purpose : open up market for payments services
Banks must provide 3rd party access to payment
initiation and account information services
• Under well-defined conditions
Defines policy, doesn’t set technical direction
Useful explanation
• https://www.starlingbank.com/explaining-psd2-without-tlas-
tough/
5. PSD2 Timeline
Jan 2018 :
• PSD2 transposed to national
law
Sept 2018 :
• earliest date for security
aspects
http://digitalbaobab.com/wp-content/uploads/2016/02/psd2-timelines.pdf
6. Technology
RESTful JSON APIs are a natural choice
Wide adoption in other industries, simplicity is key
Used by Fintech, and in Digital and API Programmes at banks
Used by Challenger banks
Aggregators
7. Standards-related Activity
http://www.berlin-group.org/
open interoperability standards and
harmonisation initiative, the NextGen PSD2
Taskforce
https://www.caps-services.com/
open framework realising the regulatory intent
of PSD2 (aggregator)
https://www.abe-eba.eu/thought-
leadership/regulatory-guidance/
New publications in early 2017
Non-PSD2 : UK CMA Open Banking
https://www.gov.uk/government/news/cma-
paves-the-way-for-open-banking-revolution
Standards sometime in 2017
(There is also work ongoing in security)
9. What is ISO 20022?
Standard for Financial Messaging, iso20022.org
Agreed vocabulary for financial services &
financial data exchanged between parties
• Uses XML currently
• Can use other syntaxes e.g. ASN.1
• Plans to publish JSON syntax in 2017 ??
Growing global adoption
https://www.iso20022.org/adoption.page, April 2016
SEPA and CGI-MP corporate to bank, including account statements;
SEPA bank to bank;
SEPA instant payments, Nov 2016,
http://www.europeanpaymentscouncil.eu/index.cfm/sepa-instant-
payments/sepa-instant-credit-transfer-sct-inst/
European Target2S
Payments Canada, 2020
US Chips, high value payments, 2020
Etc
10. JSON APIs and ISO 20022
ISO 20022, SEPA, SEPA
Instant Payments etc
API
Platform
JSON APIs
Core Banking
Platforms
Integration
Middleware
Mobile Apps Mobile Apps
API
Platform
Core Banking
Platforms
Integration
Middleware
JSON APIs
Bank payment systems increasingly ‘speak’ ISO 20022
APIs and ISO 20022 payments infrastructure will coexist
11. Following ISO 20022 Best Practices
ISO 20022 solves longstanding
issues
• E.g. remittance information
Has an agreed vocabulary for
financial domain
https://www.swift.com/file/23901/download?tok
en=izEXYBlb
13. XS2A Example: account statement
Example account
details in JSON
ISO 20022 camt.053 XML, account
statement
14. Simplicity
Simplicity is critical for APIs
Direct mapping of ISO 20022 will be too complex
“Basic” ISO 20022 XML pain.001 credit transfer : 110 lines
15. Simplicity – Detailed Example
InitgPty / Initiating Party in ISO 20022 = company initiating a credit transfer
ISO 20022 XML
Directly Mapped JSON
: longwinded
The essentials in JSON
: much simpler
16. Useful precedents e.g. Currency
Notes:
A simplistic API might ‘assume’ a currency value
ISO 20022 mandates that you explicitly define currency
ISO 20022 follows a standard for currency codes (ISO 4217)
Previous SWIFT MT standard combined currency and amount in a single field:
• makes life difficult for developers
From SWIFT MT940 : earlier generation of account statements, still in
widespread use
ISO 20022 XML Corresponding JSON
(D/C Mark)(Date)(Currency)(Amount)
17. Other examples….
Consider using credit / debit indicators, not negative amounts
Remittance information : limitations on characters (latin, cyrillic etc)
Structure of postal addresses
IBANs and BICs, and when they are required
Standard for identifying countries and bank transaction codes
Etc…
18. Advice on getting started
Review APIs against ISO 20022 thoughtfully
• What fields are important in ISO 20022
• What fields should be mapped directly
• What business rules need to be honoured (ISO 20022 & bank)
• Keep simple, align where reasonable
Careful mapping will facilitate interoperability
Monitor standards activities around APIs
19. XMLdation PSD2 / API Offering
SaaS platform for managing API definitions
With automatic generation of API validation policies, test components and Developer
Portal content from a single source
PSD2 Consultancy
Advising / supporting bank teams to reach PSD2 compliance and launch Fintech
partnership programmes
Bank Challenges
PSD2
Compliance
Bank Programme Tracks
Time to
Market
Business of
APIs
API Layer Access and
Identity
API Integration
to Backend
End to End
Testing
Partnership
Model
Developer
Supports
Benefits
20. XMLdation API Offering
Product
Management
IT
dev &
testing
API Project
Onboarding
& support
Client
Business
development
API definition management
Onboarding
Developer
Services
Production Systems
API Validation
Policies
Test Automation
Framework
Test
Components
Bank IT
Environment
21. • XMLdation is a world leader in end-to-end testing of standardised
financial transaction messages : ISO 20022, SWIFT MT, JSON APIs
• Our innovative Software-as-a-Service assists banks, e-invoicing
providers, clearing houses, financial software vendors in the
implementation, testing and maintenance of transaction messages.
• XMLdation service is used by more than 20 banks in over 50 countries
worldwide
• Headquartered in Tampere, Finland; Office in Cork Ireland
• Established in 2009
• Video http://myxml.is/offering16
@api_lifecycle @xmldation
22. Next PSD2 Webinar
Thursday Feb 16, 2017
Tuesday Mar 21, 2017
PSD2: Implementing APIs that
interoperate with ISO 20022
More on API / ISO 20022 alignment
Defining ‘ISO 20022’ business rule
policies for APIs
Applying ISO 20022 policies on an API
platform
Wrapup
Register for upcoming webinars
http://www.xmldation.com/en/company/events-list
Webinar slides
Slides will be posted to website after webinars.
You will receive a link by email.
Getting started with PSD2
Drop us an email at xmldation@xmldation.com,
and we’ll help