[WSO2 Summit EMEA 2020] Experiencing the Benefits of API Driven Open Banking
1. Digital Supply Chain for Banking
Experiencing the Benefits of API Driven Open Banking
Wondering what ‘Supply Chain’ is doing here?
Let's experience it now
Open Banking is not ONLY about APIs ...
It's about Security and Trust too ...
because we share Information only with TRUSTED entities ...
2. Introducing the Topic - The ‘Supply Chain’ in the API Context
Seemingly Simple
Reality
In Banking, the actors are similar: Consumers (Individuals/SMEs/Corporates), Product and Service Owners (Banks, ATM Managers, Payment Service Providers, Complementing Product providers ...), Regulators | EVERY BANK HAS AN ECO-SYSTEM TO OPERATE
APIs play the most significant role of a Connector ... and ensure Safety, Security for the entire EcoSystem ..
[Diagram: supply chain stages: Sourcing, Mfg, Distribution, Sales, Consumption]
[Diagram: The Digital Lifecycle: Discovery (Data / Products), Build / Dev / Consume, Deployment, Subscription / Acquisition, Experience]
3. About Intellect Design and a bit about Me ...
• Have been a Technocrat all my life ... Believe in Open Source
• Joined Intellect Design (Polaris Software Labs) in 2005
• Experience in PreSales, Engineering, Solution Architecture, Delivery
• Work towards innovative design in architecture
4. A Prelude to the Ode ...
The Why ...
As consumers,
• how many of us wished our bank offered more value
• how many times have we felt we didn't know banking
• how many of us felt the need for Account Portability
• how many of us felt our money is not earning
• how many of us felt making a payment is cumbersome and unsafe
So... What do WE need ...
• We DON'T need to know BANKING to be a Banking Customer
• We need to be respected as consumers ...
• We don't want to be sticky ... If somebody else offers to fulfill my ‘financial needs’, I should be able to make the switch EASILY
• We need a faster and a SAFER banking model ...
What is the Solution ...
Sharing Customer's Account, Txn Info and Bank's Open Data (Product, SLAs, ATMs, Branches) with complementing Third Party Companies/Fintechs that use these to offer specialized services that Banks otherwise don't offer.
Facilitate Universal Product Bundling | Complement using Financial Products Banks can't offer ... ∴ It's about Ease of Life and “No Info Asymmetry” for the Bank’s Customers ...
So, fundamentally, Banks need
>>> APIs .. Same API for all
>>> Safety, Security, Consent
5. The Problem Statement
The Background
A Private Banking Subsidiary of a large CMA-9 Bank in the UK had just embarked on an expansive Digital Transformation agenda. The Bank’s unique business model of being branchless, and its focus on acquiring more IFAs (Independent Financial Advisors), posed a distinct Business Challenge to Vendors. Intellect Design Arena was selected to ‘Change & Run the Bank’ on a Software as a Service Model that included Digital Banking, Core Banking, Payments and Open Banking ==> Complete DIGITAL TRANSFORMATION ...
The Context and Problem Domain
Compliance was KEY to the whole agenda. The bank had to implement Open Banking as part of the Transformation. With the deadline nearing, they approached Intellect to help them engineer and implement PSD2 and Open Banking. What was required was experience, expertise and technical brilliance.
Problem Definition
Intellect required a technically strong, complementing partner to deliver Open Banking to its Client. We required a “Bolt-On” API Engine with built-in OIDC (OAuth2) Profile capability.
Then began the Intellect-WSO2 Journey ...
6. Intellect-WSO2 Journey
Why OEM with WSO2 Technology?
>> Strong technical and flexible OEM business partnership model
>> WSO2’s Contribution to the Open Source World
>> Technical and Functional knowledge
>> Expertise in complete API-led integration, API Security, Identity and Access Management
>> Component flexibility to work with Intellect platforms
>> And our confidence in the Intellect-WSO2 Combo
Helper Kits
>> OEM friendly process
>>> Enablement (Promote Self Servicing), 24x7 support, Strategic technology alliance for LTS
>> Globally recognized, loosely coupled solution with easy-to-manage plug-in and plug-out of solution components
>> Quick Start Programs and consultancy services
>> Enable refactorable enterprise with proactive patching and regular security updates
Where we are now ..
>> OBIE remarked that “... the Architecture was by far the best technical presentation”
>> Live on OBIE API Version 3
>> 16+ APIs in the Open Banking Standard
>> 10+ third-party providers (TPPs) onboarded in full [expected to double in a few months]
>> Plans for 2020-21: Extend this platform beyond the UK ==> Sweden, Germany, Nordic region (WSO2 is already compliant with the Open Banking Berlin Group Standard)
7. Solution Context and Architecture ....
[Architecture diagram. Component labels: Identity Access Manager, API Manager, Open API, Process API, Private API, Customer Store, Intellect Interface, Intellect Digital Core, Intellect Payments, Intellect ARX, Bank’s Fraud System, Bank’s Payment Hub]
• Bolt-on
• Built-in Security Profile
• Integrated with Intellect’s IAM
• Flexible Deployment Model
• Embedded into the EcoSystem
• Distribution Systems
• Fraud Systems
• Data Lake
[Diagram legend: Powered by WSO2 | Intellect Products | Bank’s Platforms]
9. “Cause and Effect” or “Effect of the Cause”
Business Impact
• Complete conformance in the following domains:
• Fully Live: Sandbox and Production Ready
• 10 TPPs OnBoarded already (In talks with Many more ...)
• While Compliance and Conformance was the Objective for 2019-20, 2020-21 is the year for Expansion and Monetization
Operational Excellence
• 4 Member PMO and Testing team from the Bank + 5 Member technical team from Intellect
• Backed by the best-in class WSO2 Technical Teams
• Less than 5 Production Issues faced
Success Drivers
• WSO2's OB Ready Platforms
• Significant time and Objective orientation during QSP
• Extreme Collaboration, Excellent Skills, Attitude, Intent from Intellect and WSO2 Teams .. Always one
• High Quality Documentation and Knowledge Base
• https://docs.wso2.com/ | https://docs.wso2.com/display/Security/Security+Advisories
• Adaptive and Updated
• A “RegTech” implementation, periodic changes are imperative
[Diagram labels: Open Data API | Read / Write API (AIS + PIS) | Customer XP Guidelines | OB Security Profile | Dynamic Client Registration | FAPI Profile]
10. Compliance and Certifications
> Achieved Security Conformance
> Achieved Functional Conformance for AISP and PISP
> Performance Benchmarked @ 13 APIs per Second @ 1.17 Second response (End to End)
11. The ‘Supply Chain Connectors’ that WSO2+Intellect have Engineered
I. Account & Transaction APIs
1. Account Request
2. Accounts
3. Balances
4. Beneficiaries
5. Direct Debits
6. Products – Biz
7. Products – Personal
8. Scheduled Payments
9. Standing Orders
10. Statements
11. Transactions
II. Payment APIs
1. Payment Init
• POST
• GET
2. Payment Submission
• POST
• GET
III. Open Data APIs
1. ATM API
2. BCA API
3. PCA API