Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Open Banking for Developers #fapisum - Japan/UK Open Banking and APIs Summit 2018 - July 24, 2018

941 views

Published on

By Ralph Bragg (Open Banking Limited)

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Open Banking for Developers #fapisum - Japan/UK Open Banking and APIs Summit 2018 - July 24, 2018

  1. 1. © Open Banking Limited 2018 Open Banking Financial API Workshop July 2018 Ralph Bragg, Ecosystem Architect
  2. 2. © Open Banking Limited 2018 2 OPEN BANKING UPDATE Tasked with delivering the Open Banking API standards and security architecture The CMA9 are the UK’s nine largest current account providers: AIBG, Bank of Ireland, Barclays, Danske, HSBC, Lloyds Banking Group, Nationwide, RBS and Santander The Open Banking Implementation Entity (OBIE) OBIE was set up by the CMA in September 2016 A world leader in the implementation of the Open Banking Remedies, assisting in the delivery of the first APIs A private body whose governance, composition and budget was determined by the CMA Funded by the CMA9 and overseen by the CMA, the Financial Conduct Authority (FCA) and Her Majesty’s Treasury
  3. 3. © Open Banking Limited 2018 3 INTRODUCTION Four broad categories of standards and information necessary for the API economy OBIE Creating Banking Standards IDENTITY A “WHITE LIST” OF TRUSTED PARTICIPANTS AND CUSTOMER RELEVENT OFFERINGS REFERENCE DATA ”OPEN DATA” API BANK PRODUCT DESCRIPTIONS ATM LOCATIONS USERS DATA “READ WRITE” API ACCOUNT INFORMATION PAYMENTS OPEN BANKING UK OPEN BANKING UK SECURITY “MATURE OPEN SECURITY STANDARD” INCLUDING CONSENT AND AUTHORIZATION OPEN BANKING UK, STET, BERLIN GROUP, ISO 22022 OPEN BANKING UK
  4. 4. © Open Banking Limited 2018 4 INTRODUCTION The only body in Europe mandated to ensuring nationally consistent implementation to realize an ecosystem not just enable participant compliance OBIE Building an Ecosystem! IDENTITY A “WHITE LIST” OF TRUSTED PARTICIPANTS AND CUSTOMER RELEVENT OFFERINGS REFERENCE DATA ”OPEN DATA” API BANK PRODUCT DESCRIPTIONS ATM LOCATIONS USERS DATA “READ WRITE” API ACCOUNT INFORMATION PAYMENTS SECURITY “MATURE OPEN SECURITY STANDARD” INCLUDING CONSENT AND AUTHORIZATION ENSURE CONSISTENT IMPLEMENTATIONS FOR ALL CMA9 and THIRD PARTIES
  5. 5. © Open Banking Limited 2018 5 INTRODUCTION Time to onboard to new providers is the biggest barrier for new entrants followed very closely by consistency of offering. OBIE An ecosystem for developers IDENTITY OB Onboarding (1 API Call) Application Registration (1 API Call) Provider Bank Discovery (1 API Call) Provider Onboarding (1 API Call) Swagger (Open API) Fully Specified OPEN BANKING UK SECURITY A Common Security Framework (70million accounts) A Common Consent and Authorization Model Standard Designed to Protect Third- Parties and Banks OPEN BANKING UK
  6. 6. © Open Banking Limited 2018 Yolt – Starling demo – What does it look like? 6 OPEN BANKING UPDATE
  7. 7. © Open Banking Limited 2018
  8. 8. © Open Banking Limited 2018 What’s in each version OPEN BANKING UPDATE V1 (Jan 18) • AIS (Account & Transaction Data) • PIS (Single Immediate Payments only) • PCA/BCA accounts in GBP V2 (Aug 18) • Extended AIS all PSD2 accounts (e.g. cards, savings, mortgages) • Still only GBP V3 (Mar-Sep 19) • AIS and PIS for all PSD2 accounts and all currencies • PIS for multi-auth, FDP, SO, bulk/batch, international/FX • CBPII fund check API • Decoupled flows • Enhanced CX guidelines and checklists V4 (Sep 19) • Notification of revocation • TB and SCA exemptions (inc Variable Recurring Payments) • Other TBC… OB Directory (eIDAS compliant) + Support + Dispute Management
  9. 9. © Open Banking Limited 2018 The Open Banking Timeline 9 OPEN BANKING UPDATE PSD2 Comes into force Mar 2017 Jan 2018 Aug 2018 Mar 2018 Mar 2019 Sep 2019 Open Data v1 Sep 2016 OBIE created RTS application dateRTS published RTS testing Open Data v2 Jul 2017 Read/Write v1 Read/Write v2 Read/Write v3 Read/Write v4
  10. 10. © Open Banking Limited 2018 How does it work?
  11. 11. © Open Banking Limited 2018 Problem statement 11 OPEN BANKING IDENTITY CHALLENGE Secure Understood by developers + Supported by vendors Can be implemented in time
  12. 12. © Open Banking Limited 2018 API Flow (Account and Transaction) 12 OPEN BANKING IDENTITY CHALLENGE
  13. 13. © Open Banking Limited 2018 Security – striking the balance 13 OPEN BANKING IDENTITY CHALLENGE 2017
  14. 14. © Open Banking Limited 2018 Security – striking the balance 14 OPEN BANKING IDENTITY CHALLENGE 2017
  15. 15. © Open Banking Limited 2018 Security – striking the balance 15 OPEN BANKING UPDATE
  16. 16. © Open Banking Limited 2018 Conformance and certification 16 OPEN BANKING IDENTITY CHALLENGE
  17. 17. © Open Banking Limited 2018 Where are the specifications?
  18. 18. © Open Banking Limited 2018 The API Specifications 18 OPEN BANKING IDENTITY CHALLENGE Open Banking Developer Zone: https://openbanking.atlassian.net/ wiki/spaces/DZ/overview • Security Specifications • API Definitions • Swagger Files • Sequence Diagrams
  19. 19. © Open Banking Limited 2018 How can I test my applications?
  20. 20. © Open Banking Limited 2018 Test Facilities 20 OPEN BANKING IDENTITY CHALLENGE Reference Banks: • Provides Test Payment and API Services Conformance Harness: • Security Profile Testing
  21. 21. © Open Banking Limited 2018 Thank you www.openbanking.org.uk ralph.bragg@openbanking.org.uk

×