Contenu connexe Similaire à An Entry Point to Impactful Open Banking Architecture (20) An Entry Point to Impactful Open Banking Architecture3. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Agenda
● Global Open Banking Patterns
● Reference Architecture - PSD2, CDR, Mexico, Brazil
● Journey of an Open Banking Project
● Lessons Learnt
● Beyond Open Banking
3
5. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Open Banking Across the World
5
9
Canadian National Debt
Payment Framework
8
Mexico Fintech Law
Open Banking for Brazil
Banco Central do Brasil
10
Open Banking
UK
(OBUK)
1
Smart Nation Singapore
Finance-as-a-Service Initiative
Open Banking
Foundation
Nigeria
7
Consumer Data Right (CDR)
that covers multiple
industry verticals (banking,
telco, energy)
5
NZ payments and
Accounts API Standard -
PaymentsNZ
6
3
Open API Program for Banking
Hong Kong Monetary Authority
(HKMA)
4
European Union
(PSD2)
2
6. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Conceptual Evolution of Open Banking
6
Payments Payments + Retail Banking
2003 2007 2015 2019 2020
Open API Framework + Phased Approach
Consumer Data and Payments
PSD1
(EU)
PSD2
(EU)
GDPR“Open
Innovation”
Concept
OB UK
CDR
Australia
Monetary Authority
of Singapore (MAS)
Hong Kong Monetary
Authority (HKMA)
Brazil
Fintech Law
20182016
Finance-as-a-Service + API registry
Consumer Data - Across Many Industry Verticals
7. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
What are the Drivers?
● Reduce friction
● Fair competition
● Collaboration
● Improved consumer experience
7
9. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Maturity—Digital Transformation
● Maturity of business
● Maturity of technical leadership and engineering organization
● Maturity of systems
● Quality of data and clarity of processes
● Depth of understanding—compliance
9
10. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Maturity—An Example
10
Embrace
Open
standards
Data
Science-
Focused
Startup
Culture
API CoEEcosystem
Agile,
Independent
Teams
Maturity
Product
Manager
Innovation
Manager
Architect
Compliance
Manager
Data Architect
Full Stack
Engineers
Business
Analyst
Strong focus on
1. Agility
2. Being consumer-centric
3. Innovative business models
● POS financing
● SME real-time lending
11. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
High-Level Platform Architecture
11
Digital Banking
Core Banking
Payments
Risk & Fraud
Audit & Disputes
API Gateway
(Dedicated or
Transient)
Developer Portal
API Analytics
Monetization
Identity & Access
Management
“Strong Customer
Authentication”
Client Registry
Metadata
Management
Consent
Regulator
Sandbox
Integration
&
Messaging
security / Reporting
TPP or ADR
Developer
Engagement
12. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Consumer Data Integration
12
Integration
&
Messaging
StandardInterface
Consumer
Account
Product
Payments
Transactions
Compliant
Broker
Local/Cloud
Adaptor
Connector
Internal
Gateway
Monolith
File Types
System
Roadmap
SQL
Datamodel
Microservices
Protocol
Service
Mesh
Multi-Version
Distributed
Lifecycle
NoSQL
Non-Standard
e.g: Apache Kafka, IBM MQ
e.g: MS Excel, CSV, txt
e.g: IBM AS/400, IBM Z360, UltraData, Finacle
e.g: Oracle DB, Snowflake, Cassandra
API
Event
File
System
Persistence
Store
13. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Consumer Data Integration—Challenges
13
● Performance
● Availability
● Data model unique to the bank / system
● Access
● Non-standard interface
● Ownership
Circuit Breaker
Data Lake
Inflight
Transformation
14. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
KYC—Identity & Consent
14
Identity Store
Integration
Identity
Federation
Identity
Bridging
Entitlement
IdentityInterface
Consent
Management
External Identity
Store
Persistence Store
Cloud
System
IdP
Client Register
LDAP / AD
DB
Digital Banking
ISAM
Core Banking
Non-Standard
API
{SAML SSO, OIDC, SCIM}
Consent
Register
15. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
API Gateway
15
Elastic Scaling
Control Plane
Developer Content
Synthetic DataMicro API
Gateway
Infosec
API
Monetize
Structural
Conformance
Support
Open Standards
Partner
(Commitment)
Open API
API Sandbox
API
Marketplace
Services
Micro API
Gateway
Micro API
Gateway
Spec. Version
Handling
Query &
Pagination
Other APIs
Voluntary Data
gRPC / GraphQL
API Analytics
Data Plane
16. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
A Reference Architecture
16
: OTP, Multifactor Auth
: Identity Federation
: Consent
(ODC 1.0 Hybrid flow, FAPI-RW,
public_key_jwt)
: Throttling
: Structural Conformance
: API Security
: Caching
: API Usage Events
DCR API
Banking
API
Common
API
AdminAPI
Data
LakeADR
API
Sandbox
API
Marketplace
API
Analytics
Dashboard
Infosec
API
Identity Meta
Store
Certificate Store
Metadata
Cache
ADR Registry
SSA Validation
API Token
Lifecycle
Management
JWKS Cache
Consent
Admin
Consent
Selfcare
ConsentAPI
: Mediation
: Protocol Switching
: Payload Transformation
(All EIP Supported)
Fraud
Dispute
Resolution
Data
Services
Notification
Proxy
ADR Registration
Token / Revoke
CDS Datasets
Common Datasets
Regulator
Get Metrics
Metadata Update
getStatus
JWKS
Endpoint
Metadata Cache Update
Digital Banking System
SMS Endpoint
SMTP Endpoint
18. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Navigation Path and Waypoints
18
1
2
3
4
5 6 7 n
Contract
Negotiation
Design
Workshop
Implementation
Test Go Live!
Beyond
Compliance
Bank 4.0
b
Regulator
Alignment
Internal
Culture Shift
a
Partner
Alignment
c
Partner
Update
Agile
2
3
4
Reciprocal Collaboration
c
Compliance Date
19. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
The Design Workshop
19
20. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Cultural Shift
20
● The startup mindset
● Innovation
● Small, agile, full stack/DevOps team
● Free thinkers & open spaces
● Chaos theory
21. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Reciprocal Collaboration
21
● Build community
● Share ideas
● Share resources
● Build IP
23. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Key Learnings
23
● Banks struggle with their incumbent systems
● Re-use what you have
● Buy expertise, not the tool
● Culture needs to change
● Banks adopt a compliance-only mindset—Need support in their digital strategy
● This is digital transformation in disguise
25. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
The API Space—Value Addition
25
Fintech Developers
Partners
Additional
APIs
Support for
Eventing
Monetization
Resources
+
+
Attributes
API
Compliance
Boundary
Rich, Performant, Stable API Space
26. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
The Data Space—Value Addition
26
Merchant CodeBiller CodeDescriptionType
Transaction
Record ID Time
Voluntary Data Set
Smart LendingReal-Time Credit Scoring Wealth Management
Direct Debit
Transfer
Payment
Value Date
Posting Date
Execution Date
1
2
3
4
Consumer Behaviour Pattern
Investment Pattern
Choices
Relationships
Remove PID Deidentify
27. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
The Consumer Engagement Space—Value Addition
27
● User journey optimization
⦿ Authentic consumer experience
● Cognitive analytics
⦿ Fraud detection
⦿ Risk underwriting
● Artificial intelligence & machine learning
⦿ Robo advice
● Blockchain—Smart contracts
28. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
Cross Domain Aggregation
28
Switching Energy Provider
Red Energy
Payment
Transactions
20202019
Origin Energy
Bank
(The Trusted
Advisor)
29. WSO2 Inc. Copyright © 2020 All rights reserved. This document or any portion thereof may not be reproduced or used in any manner whatsoever without the express written permission of WSO2.
The Bank 4.0* and Beyond
29
● Incubators and tight collaboration with startups
● Embedded banking
● SME uplift
● The “Banking Experience Canvas”
* A term coined by Brett King in his book titled “Bank 4.0: Banking Everywhere, Never at a Bank”.