This document discusses ForgeRock's identity and access management solutions and provides examples of how they can be used in banking applications. It summarizes a banking demo user journey that shows enhancing authentication with push authentication, accessing account balances in a mobile app through an API gateway, adding a payee with facial recognition step-up authentication, sharing account data with an accountant using User Managed Access, checking balances with Amazon Alexa, and authorizing money transfers with Alexa using push authentication.

1. © 2016 ForgeRock. All rights reserved.
Banking Demo
PSD2 Flows

2. © 2016 ForgeRock. All rights reserved.
•Fastest-growing open source identity security
software company in the world
•Founded: 2010
•Headquartered in San Francisco with offices
in 10 countries
•Employees: 400+
•Customers: 600+ Enterprises in 30+ countries
•Global Reach: ~50% international revenue
•Funding to Date (thru Series C): $52M
•Investors: Accel Partners, Foundation Capital
and Meritech Capital Partners
Key Facts Mission Statement
ForgeRock: At a Glance
The ForgeRock Identity
Platform currently powers
more than 800 million
identities. It is our goal to
become the market leader
in digital transformation
and security for enterprise
identity worldwide.

3. © 2016 ForgeRock. All rights reserved.
Banking Demo Architecture
Bank Website
Amazon
Echo
Alexa
App
iProov
Auth
Forge
Bank
App
Parsley
Accounting
Push
Auth

4. © 2016 ForgeRock. All rights reserved.
ForgeRock Authentication
ForgeRock
Authentication
Service
Contextual
Adaptive
Strengths (LOA)
Multifactor
ExtensibleFrictionless
Module
Step up
Module
Module
Custom
Module
Any identity
plug-in
scriptable
external cred stores
external cred stores
94
Risk Score
Access Management

5. © 2016 ForgeRock. All rights reserved.
Banking Demo User Journey
• Enhance authentication : Logs in with ForgeRock Push
Authentication.
• Mobile Application : Retrieves balance securely using API
gateway to mobile app.
• Dynamic Authorization : Adds a new payee with iproov
facial recognition step up.
• Privacy & Consent : Shares account data with accountant
using UMA.

6. © 2016 ForgeRock. All rights reserved.
PSD2 and ForgeRock: Banking
agregator example

7. © 2016 ForgeRock. All rights reserved.
User Managed Access (UMA) and
GDPR
Regard for one's wishes
and preferences
The true ability to say no
and change one's mind
The ability to share
just the right amount
The right moment to
make the decision to share CONTEXT CONTROL
RESPECTCHOICE
UMA is an emerging standard for privacy and consent

8. © 2016 ForgeRock. All rights reserved.
AISP Demo Flow
1. Enroll to share data
2. Request access to data
3. Receive sharing request
4. Approve sharing
5. Access data
ForgeRock at
every step
1. Create an UMA share
2. Make a UMA request for data
protected by ForgeRock
3. Receive UMA request
4. Authorize UMA request and
create permissions
5. Use UMA permissions to
request an OAuth2 token and
use this to securely access
data

9. © 2016 ForgeRock. All rights reserved.
Banking Demo User Journey
• Innovation : Links ForgeBank skill and checks balance with
Amazon Alexa.
• Secure user journey : Transfers money with Alexa and
authorizes with push authorization

10. © 2016 ForgeRock. All rights reserved.
Banking Demo User Journey
• Enhance authentication
• Mobile Application
• Dynamic Authorization
• Privacy & Consent
• Innovation
• Secure user journey