SlideShare a Scribd company logo

Open Banking beyond PSD2 in the EU

OpenID Foundation Japan
OpenID Foundation Japan

Open Banking beyond PSD2 in the EU Torsten Lodderstedt - CTO,yes.com

Technology
1 of 21
Download to read offline
Open Banking beyond PSD2 in the EU Torsten Lodderstedt @tlodderstedt yes®
Background ● Software Engineer (Ph.D in computer science) with strong interest in identity and security ● CTO at yes.com (open banking ecosystem) ● Before: quite some time in IT Consulting (public, banking, railway communication, telecommunication), Consumer Identity Management at Deutsche Telekom ● Regular contributor to OAuth & OpenId ● Current focus: OAuth & OpenId for Open Banking & security-sensitive applications ● FAPI & eKYC & Identity Assurance WG, Editor of OAuth Security BCP, PAR & RAR & JARM
Open Banking prior PSD2 ● Use Cases ○ Personal Finance Management (PFM) ○ Payment ○ Credit Rating ○ Identity Verification ● Technology ○ Screen Scraping, dedicated interfaces (e.g. HBCI/FinTS in Germany) ● Challenges ○ Screen Scraping is fragile, insecure, expensive ○ Interfaces not intended for web/app scenarios, credentials entered at the 3rd party ○ Liabilities unclear, security concerns, legal disputes
Payment Service Directive 2 (PSD2) ● EU Directive obliging any financial institution operating in the EU to provide ○ Access to Account Information (Accounts, Balances, Transactions) and ○ Payment Initiation ● to authorized third parties (TPPs) and ● to implement Strong Customer Authentication for any online access to payment accounts ● Objectives: establish regulatory regime (liability), increase security, foster innovation, reduce payments cost
® PSD2: The Big Picture European Union 28 Member States PSD2 RTS Regulatory Technical Standards Local Law Technical Standards STET, BG, UK OB, Polish API, … Financial-Grade API WG (profile & support) About 6000 Financial Institutions Within 18 months (until 14th of Sept. 2019)
PSD2: Status ● In transition phase, not fully operational from a customer’s perspective ● Lack of interoperability across financial institutions and member states ● Alignment among three major API initiatives under the Swift umbrella ○ OpenID Foundation/FAPI invited to contribute security profile
Beyond PSD2 (Scope) ● Different parties with different interests ● Merchants want better payment services (e.g. invoice, deferred, guaranteed) ● Regulator (EBA) wants EU-wide payment scheme based on current accounts ● Traditional TPPs want more data for identity verification, credit scoring & payments risk assessment Key Question: Willingness to Pay? ● Financial Institutions want a business case and leverage their tremendous investments in the open banking infrastructure
Why is identity so important? A digital society needs reliable digital identities. ● eGovernment ● Access to Health Data ● Financial service (AML/CFT) ● Telecommunications ● Fraud prevention ● Risk mitigation
Bank Identity as a Service ● Financial Institutions verify and maintain identity data for every person authorized for an bank account according to local anti-money laundering law ● This data is bound to online banking user accounts equipped with credentials for multi factor authentication (SCA in the EU) ● User Account Lifecycle management in place ● Leveraging this assets as Identity Provider to 3rd parties is an opportunity to provide new services to existing customers and to create a revenue stream ○ Authentication as a Service ○ High Level Identity Assurance ○ Further person-related data (e.g. credit score)
OpenID Connect ● Given most PSD2 APIs are based on OAuth, using OpenID to provide identity services is the obvious choice ● Challenges with current state of the art ○ Lack of reach - not enough suitable claims sources ○ Lack of interoperability - e.g. data is interpreted based on implicit attestation ● OpenID Foundation has started WG to define OpenID Connect extension for high-level Identity Assurance ● Suitable for all kinds of IDPs (governments, mobile operators, financial institutions, …)
® OpenID Connect 4 Identity Assurance ● Current Draft: https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html ● Representation for verified claims and associated metadata & evidence ● Enables legal compliance for relevant use cases ● Adopted as Implementer’s Draft
® Explicit Attestation ● Trust framework the IDP complies with ● Time of verification ● Verifier: what party verified the user‘s identity ● Evidence: which evidence where used ● Verification Method: how were the evidence verified
® Verification Data Structure (Example) German Anti-Money Laundering Act Physical In-Person Proofing External Verifier on behalf of IDP Proofing via ID Card
® International ● Specification includes (growing number) of pre-defined identifiers for ○ Trust frameworks, e.g. eIDAS, NIST 800-63A, Japanese & German AML ○ Identity documents, e.g. ID Card, Passport, Driving Permit ○ Verification Methods, e.g. „Physical In-Person Proofing and „Supervised remote In-Person Proofing“ ● So far contributions from UK, US, CA, DE, and JP ● Looking for even broader group of participants!
® No Ambiguities ● Claims with attestation are represented in data structure along with verification metadata ● Also allows to use existing OpenID Connect Claims alongside verified claims in the same transaction
® Example Standard OpenID Connect Claims verified_claims integrated data structure
® Privacy Preserving ● RP asks for individual Claims and Verification data elements ● Purpose of inquiry can be conveyed (per transaction or individual claim)
® Example Request Required trust framework: eIDAS Identity Assurance Level „substantial“ Requested user claims evidence type and and verification method but not the evidence itself
® Versatile ● Representation can be used in a variety of channels (even beyond OpenID Connect): ○ ID Token ○ User Info ○ Access Tokens ○ Token Introspection Responses
® Status ● Initial contribution based on implementation experience at yes.com ● Draft quickly evolved through international contributions ● Several implementations of the current draft in progress ● Set up dedicated working group for Identity Assurance ○ Please join!
Q&A! Latest Drafts & Publications OpenID Connect 4 Identity Assurance https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html OAuth 2.0 Security Best Current Practice https://tools.ietf.org/html/draft-ietf-oauth-security-topics OAuth 2.0 Pushed Authorization Requests (PAR) https://tools.ietf.org/html/draft-ietf-oauth-par OAuth 2.0 Rich Authorization Requests (RAR) https://tools.ietf.org/html/draft-lodderstedt-oauth-rar JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) https://openid.net/specs/openid-financial-api-jarm-ID1.html Cross-Browser Payment Initiation Attack https://cutt.ly/cross-browser-payment-initation Dr. Torsten Lodderstedt CTO, yes.com torsten@yes.com @tlodderstedt yes® Talk to me about - OpenID Connect 4 Identity Assurance - OAuth Security Best Practices & FAPI - The OAuth Security Workshop - Other emerging OAuth & OpenID stuff - Partnering with and working at yes.com

Recommended

Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...
Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...
Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...OpenID Foundation Japan
 
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...OpenIDFoundation
 
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...Evernym
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized IdentityJim Flynn
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloSSIMeetup
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?Evernym
 
Digital Credentials Enabling Mobility and Verification of Educational Achieve...
Digital Credentials Enabling Mobility and Verification of Educational Achieve...Digital Credentials Enabling Mobility and Verification of Educational Achieve...
Digital Credentials Enabling Mobility and Verification of Educational Achieve...Brandon Muramatsu
 

Recommended

Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...
Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...
Enabling Large-Scale Multi-Party Federations with OpenID Connect - OpenID Sum...OpenID Foundation Japan
 
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...
OIDF Workshop at European Identity Conference 2019 -- 5/14/2019 -- FAPI Certi...OpenIDFoundation
 
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...
Why The Web Needs Decentralized Identifiers (DIDs) — Even if Google, Apple, a...Evernym
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized IdentityJim Flynn
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloSSIMeetup
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?Evernym
 
Digital Credentials Enabling Mobility and Verification of Educational Achieve...
Digital Credentials Enabling Mobility and Verification of Educational Achieve...Digital Credentials Enabling Mobility and Verification of Educational Achieve...
Digital Credentials Enabling Mobility and Verification of Educational Achieve...Brandon Muramatsu
 
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIFVerifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIFEvernym
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksEvernym
 
10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And CertificationsBlockchain Council
 
Privacy in the Smart City
Privacy in the Smart CityPrivacy in the Smart City
Privacy in the Smart CityDavid Wood
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...SSIMeetup
 
Blockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use CasesBlockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use Cases101 Blockchains
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolSSIMeetup
 
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...Kaliya "Identity Woman" Young
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSSIMeetup
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemsSSIMeetup
 
Get Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & CryptocurrencyGet Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & Cryptocurrencykeerthi678722
 
Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveSSIMeetup
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Evernym
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Gokul Alex
 
The Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityThe Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityEvernym
 
Blockchain Digital Transformation Presentation
Blockchain Digital Transformation PresentationBlockchain Digital Transformation Presentation
Blockchain Digital Transformation Presentation101 Blockchains
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6Mohan Venkataraman
 
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydStreetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydSSIMeetup
 
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...Tracy Kuhrt
 
Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Synacts
 
OpenID Connect for Identity Assurance
OpenID Connect for Identity AssuranceOpenID Connect for Identity Assurance
OpenID Connect for Identity AssuranceTorsten Lodderstedt
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OpenIDFoundation
 

More Related Content

What's hot

Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIFVerifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIFEvernym
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksEvernym
 
10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And CertificationsBlockchain Council
 
Privacy in the Smart City
Privacy in the Smart CityPrivacy in the Smart City
Privacy in the Smart CityDavid Wood
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...SSIMeetup
 
Blockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use CasesBlockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use Cases101 Blockchains
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolSSIMeetup
 
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...Kaliya "Identity Woman" Young
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSSIMeetup
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemsSSIMeetup
 
Get Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & CryptocurrencyGet Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & Cryptocurrencykeerthi678722
 
Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveSSIMeetup
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Evernym
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Gokul Alex
 
The Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityThe Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityEvernym
 
Blockchain Digital Transformation Presentation
Blockchain Digital Transformation PresentationBlockchain Digital Transformation Presentation
Blockchain Digital Transformation Presentation101 Blockchains
 
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydStreetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydSSIMeetup
 
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...Tracy Kuhrt
 
Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Synacts
 

What's hot (20)

Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIFVerifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
Verifiable Credentials & Legal Entity Identifiers (LEIs) | Evernym & GLEIF
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For Banks
 
10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications
 
Privacy in the Smart City
Privacy in the Smart CityPrivacy in the Smart City
Privacy in the Smart City
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
 
Blockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use CasesBlockchain With IoT - Top Blockchain IoT Use Cases
Blockchain With IoT - Top Blockchain IoT Use Cases
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic Protocol
 
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
Identity is Changing: The Rise of Self-Sovereign Identity Infrastructure usin...
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
 
Get Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & CryptocurrencyGet Rich with Blockchain & Cryptocurrency
Get Rich with Blockchain & Cryptocurrency
 
Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep dive
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
 
The Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityThe Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized Identity
 
Blockchain Digital Transformation Presentation
Blockchain Digital Transformation PresentationBlockchain Digital Transformation Presentation
Blockchain Digital Transformation Presentation
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6
 
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydStreetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
 
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
Code for America 2018 - Using Hyperledger Technologies to Deliver Government ...
 
Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04
 

Similar to Open Banking beyond PSD2 in the EU

OpenID Connect for Identity Assurance
OpenID Connect for Identity AssuranceOpenID Connect for Identity Assurance
OpenID Connect for Identity AssuranceTorsten Lodderstedt
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OpenIDFoundation
 
SSI, TBDex Overview
SSI, TBDex Overview SSI, TBDex Overview
SSI, TBDex Overview AlexLewin7
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO Alliance
 
[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New Black[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New BlackWSO2
 
Building a Fool Proof Security Strategy for PSD2 Compliance
Building a Fool Proof Security Strategy for PSD2 ComplianceBuilding a Fool Proof Security Strategy for PSD2 Compliance
Building a Fool Proof Security Strategy for PSD2 ComplianceWSO2
 
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next StepsConsumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Stepsguestbd878c
 
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...wegdam
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityNoreen Whysel
 
Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009wegdam
 
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...WSO2
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)Lal Chandran
 
Initio at World Blockchain & Cryptocurrency Summit 2018
Initio at World Blockchain & Cryptocurrency Summit 2018Initio at World Blockchain & Cryptocurrency Summit 2018
Initio at World Blockchain & Cryptocurrency Summit 2018Initio
 
Cloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationCloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationMike Schwartz
 
Globally Scalable Mobile Digital ID using IEEE P1451.99
Globally Scalable Mobile Digital ID using IEEE P1451.99Globally Scalable Mobile Digital ID using IEEE P1451.99
Globally Scalable Mobile Digital ID using IEEE P1451.99Peter Waher
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz
 

Similar to Open Banking beyond PSD2 in the EU (20)

OpenID Connect for Identity Assurance
OpenID Connect for Identity AssuranceOpenID Connect for Identity Assurance
OpenID Connect for Identity Assurance
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
 
SSI, TBDex Overview
SSI, TBDex Overview SSI, TBDex Overview
SSI, TBDex Overview
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
 
[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New Black[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New Black
 
Building a Fool Proof Security Strategy for PSD2 Compliance
Building a Fool Proof Security Strategy for PSD2 ComplianceBuilding a Fool Proof Security Strategy for PSD2 Compliance
Building a Fool Proof Security Strategy for PSD2 Compliance
 
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next StepsConsumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps
 
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...
Consumer Identity: a Dutch Perspective on Benefits, Issues and Next Steps (EI...
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital Identity
 
Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009Consumer identity @ Tuesday Update on 1 December 2009
Consumer identity @ Tuesday Update on 1 December 2009
 
GAIN Presentation.pptx
GAIN Presentation.pptxGAIN Presentation.pptx
GAIN Presentation.pptx
 
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical D...
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
 
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
EUDI wallets with OpenID for verifiable credentials (OID4VCI/OID4VP)
 
Initio at World Blockchain & Cryptocurrency Summit 2018
Initio at World Blockchain & Cryptocurrency Summit 2018Initio at World Blockchain & Cryptocurrency Summit 2018
Initio at World Blockchain & Cryptocurrency Summit 2018
 
Cloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher EducationCloud Identity: A Recipe for Higher Education
Cloud Identity: A Recipe for Higher Education
 
Globally Scalable Mobile Digital ID using IEEE P1451.99
Globally Scalable Mobile Digital ID using IEEE P1451.99Globally Scalable Mobile Digital ID using IEEE P1451.99
Globally Scalable Mobile Digital ID using IEEE P1451.99
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
 

More from OpenID Foundation Japan

20231109_OpenID_TechNight_OpenID_Federation.pdf
20231109_OpenID_TechNight_OpenID_Federation.pdf20231109_OpenID_TechNight_OpenID_Federation.pdf
20231109_OpenID_TechNight_OpenID_Federation.pdfOpenID Foundation Japan
 
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15OpenID Foundation Japan
 
次世代 KYC に関する検討状況 - OpenID BizDay #15
次世代 KYC に関する検討状況 - OpenID BizDay #15次世代 KYC に関する検討状況 - OpenID BizDay #15
次世代 KYC に関する検討状況 - OpenID BizDay #15OpenID Foundation Japan
 
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14OpenID Foundation Japan
 
次世代KYCのあるべき姿 - OpenID BizDay #14
次世代KYCのあるべき姿 - OpenID BizDay #14次世代KYCのあるべき姿 - OpenID BizDay #14
次世代KYCのあるべき姿 - OpenID BizDay #14OpenID Foundation Japan
 
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14OpenID Foundation Japan
 
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14OpenID Foundation Japan
 
DXをささえる銀行API - OpenID BizDay #13
DXをささえる銀行API - OpenID BizDay #13DXをささえる銀行API - OpenID BizDay #13
DXをささえる銀行API - OpenID BizDay #13OpenID Foundation Japan
 
オープンAPIのニーズと現状の課題 - OpenID BizDay #13
オープンAPIのニーズと現状の課題 - OpenID BizDay #13オープンAPIのニーズと現状の課題 - OpenID BizDay #13
オープンAPIのニーズと現状の課題 - OpenID BizDay #13OpenID Foundation Japan
 
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020OpenID Foundation Japan
 
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020OpenID Foundation Japan
 
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...OpenID Foundation Japan
 
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020OpenID Foundation Japan
 
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020OpenID Foundation Japan
 
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020OpenID Foundation Japan
 
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020OpenID Foundation Japan
 
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020OpenID Foundation Japan
 
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...OpenID Foundation Japan
 
The Future of Identity - OpenID Summit 2020
The Future of Identity - OpenID Summit 2020The Future of Identity - OpenID Summit 2020
The Future of Identity - OpenID Summit 2020OpenID Foundation Japan
 

More from OpenID Foundation Japan (20)

20231109_OpenID_TechNight_OpenID_Federation.pdf
20231109_OpenID_TechNight_OpenID_Federation.pdf20231109_OpenID_TechNight_OpenID_Federation.pdf
20231109_OpenID_TechNight_OpenID_Federation.pdf
 
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
IDA,VC,DID関連仕様 最新情報 - OpenID BizDay #15
 
FAPI 最新情報 - OpenID BizDay #15
FAPI 最新情報 - OpenID BizDay #15FAPI 最新情報 - OpenID BizDay #15
FAPI 最新情報 - OpenID BizDay #15
 
次世代 KYC に関する検討状況 - OpenID BizDay #15
次世代 KYC に関する検討状況 - OpenID BizDay #15次世代 KYC に関する検討状況 - OpenID BizDay #15
次世代 KYC に関する検討状況 - OpenID BizDay #15
 
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14
OpenID Connectと身元確認/KYCのトレンド - 法人 KYCの現状 - OpenID BizDay #14
 
次世代KYCのあるべき姿 - OpenID BizDay #14
次世代KYCのあるべき姿 - OpenID BizDay #14次世代KYCのあるべき姿 - OpenID BizDay #14
次世代KYCのあるべき姿 - OpenID BizDay #14
 
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14
法人認証基盤GビズIDと今後の法人KYC - OpenID BizDay #14
 
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14
OpenID Foundation/JapanにおけるKYCに関する取り組み概要 - OpenID BizDay #14
 
DXをささえる銀行API - OpenID BizDay #13
DXをささえる銀行API - OpenID BizDay #13DXをささえる銀行API - OpenID BizDay #13
DXをささえる銀行API - OpenID BizDay #13
 
オープンAPIのニーズと現状の課題 - OpenID BizDay #13
オープンAPIのニーズと現状の課題 - OpenID BizDay #13オープンAPIのニーズと現状の課題 - OpenID BizDay #13
オープンAPIのニーズと現状の課題 - OpenID BizDay #13
 
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020
B2C企業向けクラウドID基盤「 SELMID 」のご紹介 - OpenID Summit 2020
 
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020
OpenIDConnectを活用したgBizID(法人共通認証基盤)の現状と今後の展望 - OpenID Summit 2020
 
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...
OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)のご紹介 ~ ...
 
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020
銀行オープンAPIの実装これまでの歩みとこれから必要なこと - OpenID Summit 2020
 
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020
韓国における FIDO/ eKYC /DID の現状と今後の取り組み - OpenID Summit 2020
 
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020
OIDC活⽤で⽬指す⼈やサービスがつながる世界の社会実装 - OpenID Summit 2020
 
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020
OpenIDファウンデーション・ジャパンKYC WGの活動報告 - OpenID Summit 2020
 
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
 
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...
Personal Digital Transformation and Holistic Digital Identity - OpenID Summit...
 
The Future of Identity - OpenID Summit 2020
The Future of Identity - OpenID Summit 2020The Future of Identity - OpenID Summit 2020
The Future of Identity - OpenID Summit 2020
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Recently uploaded (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 

Open Banking beyond PSD2 in the EU

  • 1. Open Banking beyond PSD2 in the EU Torsten Lodderstedt @tlodderstedt yes®
  • 2. Background ● Software Engineer (Ph.D in computer science) with strong interest in identity and security ● CTO at yes.com (open banking ecosystem) ● Before: quite some time in IT Consulting (public, banking, railway communication, telecommunication), Consumer Identity Management at Deutsche Telekom ● Regular contributor to OAuth & OpenId ● Current focus: OAuth & OpenId for Open Banking & security-sensitive applications ● FAPI & eKYC & Identity Assurance WG, Editor of OAuth Security BCP, PAR & RAR & JARM
  • 3. Open Banking prior PSD2 ● Use Cases ○ Personal Finance Management (PFM) ○ Payment ○ Credit Rating ○ Identity Verification ● Technology ○ Screen Scraping, dedicated interfaces (e.g. HBCI/FinTS in Germany) ● Challenges ○ Screen Scraping is fragile, insecure, expensive ○ Interfaces not intended for web/app scenarios, credentials entered at the 3rd party ○ Liabilities unclear, security concerns, legal disputes
  • 4. Payment Service Directive 2 (PSD2) ● EU Directive obliging any financial institution operating in the EU to provide ○ Access to Account Information (Accounts, Balances, Transactions) and ○ Payment Initiation ● to authorized third parties (TPPs) and ● to implement Strong Customer Authentication for any online access to payment accounts ● Objectives: establish regulatory regime (liability), increase security, foster innovation, reduce payments cost
  • 5. ® PSD2: The Big Picture European Union 28 Member States PSD2 RTS Regulatory Technical Standards Local Law Technical Standards STET, BG, UK OB, Polish API, … Financial-Grade API WG (profile & support) About 6000 Financial Institutions Within 18 months (until 14th of Sept. 2019)
  • 6. PSD2: Status ● In transition phase, not fully operational from a customer’s perspective ● Lack of interoperability across financial institutions and member states ● Alignment among three major API initiatives under the Swift umbrella ○ OpenID Foundation/FAPI invited to contribute security profile
  • 7. Beyond PSD2 (Scope) ● Different parties with different interests ● Merchants want better payment services (e.g. invoice, deferred, guaranteed) ● Regulator (EBA) wants EU-wide payment scheme based on current accounts ● Traditional TPPs want more data for identity verification, credit scoring & payments risk assessment Key Question: Willingness to Pay? ● Financial Institutions want a business case and leverage their tremendous investments in the open banking infrastructure
  • 8. Why is identity so important? A digital society needs reliable digital identities. ● eGovernment ● Access to Health Data ● Financial service (AML/CFT) ● Telecommunications ● Fraud prevention ● Risk mitigation
  • 9. Bank Identity as a Service ● Financial Institutions verify and maintain identity data for every person authorized for an bank account according to local anti-money laundering law ● This data is bound to online banking user accounts equipped with credentials for multi factor authentication (SCA in the EU) ● User Account Lifecycle management in place ● Leveraging this assets as Identity Provider to 3rd parties is an opportunity to provide new services to existing customers and to create a revenue stream ○ Authentication as a Service ○ High Level Identity Assurance ○ Further person-related data (e.g. credit score)
  • 10. OpenID Connect ● Given most PSD2 APIs are based on OAuth, using OpenID to provide identity services is the obvious choice ● Challenges with current state of the art ○ Lack of reach - not enough suitable claims sources ○ Lack of interoperability - e.g. data is interpreted based on implicit attestation ● OpenID Foundation has started WG to define OpenID Connect extension for high-level Identity Assurance ● Suitable for all kinds of IDPs (governments, mobile operators, financial institutions, …)
  • 11. ® OpenID Connect 4 Identity Assurance ● Current Draft: https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html ● Representation for verified claims and associated metadata & evidence ● Enables legal compliance for relevant use cases ● Adopted as Implementer’s Draft
  • 12. ® Explicit Attestation ● Trust framework the IDP complies with ● Time of verification ● Verifier: what party verified the user‘s identity ● Evidence: which evidence where used ● Verification Method: how were the evidence verified
  • 13. ® Verification Data Structure (Example) German Anti-Money Laundering Act Physical In-Person Proofing External Verifier on behalf of IDP Proofing via ID Card
  • 14. ® International ● Specification includes (growing number) of pre-defined identifiers for ○ Trust frameworks, e.g. eIDAS, NIST 800-63A, Japanese & German AML ○ Identity documents, e.g. ID Card, Passport, Driving Permit ○ Verification Methods, e.g. „Physical In-Person Proofing and „Supervised remote In-Person Proofing“ ● So far contributions from UK, US, CA, DE, and JP ● Looking for even broader group of participants!
  • 15. ® No Ambiguities ● Claims with attestation are represented in data structure along with verification metadata ● Also allows to use existing OpenID Connect Claims alongside verified claims in the same transaction
  • 17. ® Privacy Preserving ● RP asks for individual Claims and Verification data elements ● Purpose of inquiry can be conveyed (per transaction or individual claim)
  • 18. ® Example Request Required trust framework: eIDAS Identity Assurance Level „substantial“ Requested user claims evidence type and and verification method but not the evidence itself
  • 19. ® Versatile ● Representation can be used in a variety of channels (even beyond OpenID Connect): ○ ID Token ○ User Info ○ Access Tokens ○ Token Introspection Responses
  • 20. ® Status ● Initial contribution based on implementation experience at yes.com ● Draft quickly evolved through international contributions ● Several implementations of the current draft in progress ● Set up dedicated working group for Identity Assurance ○ Please join!
  • 21. Q&A! Latest Drafts & Publications OpenID Connect 4 Identity Assurance https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html OAuth 2.0 Security Best Current Practice https://tools.ietf.org/html/draft-ietf-oauth-security-topics OAuth 2.0 Pushed Authorization Requests (PAR) https://tools.ietf.org/html/draft-ietf-oauth-par OAuth 2.0 Rich Authorization Requests (RAR) https://tools.ietf.org/html/draft-lodderstedt-oauth-rar JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) https://openid.net/specs/openid-financial-api-jarm-ID1.html Cross-Browser Payment Initiation Attack https://cutt.ly/cross-browser-payment-initation Dr. Torsten Lodderstedt CTO, yes.com torsten@yes.com @tlodderstedt yes® Talk to me about - OpenID Connect 4 Identity Assurance - OAuth Security Best Practices & FAPI - The OAuth Security Workshop - Other emerging OAuth & OpenID stuff - Partnering with and working at yes.com