This slide deck explores how WSO2 Open Banking is built to address the key pain points of PSD2 compliance by providing a secure API-based environment to expose customer data to third parties. Watch the webinar here: https://wso2.com/library/webinars/2018/01/secure-and-accelerated-psd2-compliance-with-wso2-open-banking/
08448380779 Call Girls In Friends Colony Women Seeking Men
Secure and Accelerated PSD2 Compliance with WSO2 Open Banking - A Technical Demonstration
1. Secure and Accelerated PSD2 Compliance with WSO2
Open Banking - A Technical Demonstration
Amalka Subasinghe
Associate Technical Lead, Financial Solutions Team, WSO2
2. Agenda
● WSO2 Open Banking and its offerings
● Technical demonstration
○ End user experience in AISP flow
○ Consent revocation
○ TPP registration and approval process
○ Third party application developer experience
○ Bank experience/ API developer experience
● Why WSO2 Open Banking?
3. WSO2 Open Banking provides all the technology requirements that banks need to create an “Open Banking”
platform to be PSD2 compliance and as a result become a digitally transformed bank.
Customer
TPP
(AISP/PISP)
FinTech
Merchants
Core Banking
Internal Payment
Services
Bank Internal Network
ISO 8583
(TCP/IP)
HTTP
Other Banks
HTTPS
HTTPS
WSO2 Open Banking
4. WSO2 Open Banking - Key Offerings
● Full PSD2 compliance including adherence to PSD2 and EBA RTS and guidelines
● Provide standardized API specifications for Payment and Account information
● Out-of-the-box API security (OAuth2)
● Strong Customer Authentication (SCA)
● Adaptive authentication based on rules defined
● User Consent Management + GDPR
● Third Party Provider (TPP) onboarding
● Integration with core banking systems and external services
● API analytics and business insights with dashboards
● API monetization to create various revenue models
5. ● End user experience in AISP flow
● Consent revocation
● TPP registration and approval process
● Third party application developer experience
● Bank experience/ API developer experience
Technical Demonstration
openbanking.org.uk
7. Process of Accessing Account Information
Login and
accessing account
information via
web/mobile
application
Login page
2 Factor authentication
Customer consent
Initiation
account info
2
3
4
5
302
6
Token 7
Get accounts
information
Web/Mobile
Apps
1 Token
8. Security Capabilities
● Strong Customer Authentication
○ Multi-factor authentication with at least 2F
○ Extensible to support any other mechanism
preferred by banks to authenticate users.
● Access delegation with explicit user consent
○ GDPR enforcement (May 2018)
○ Revoke user consents
○ Audit trails and fine grained authorization to
handle sensitive information
● Secured API Invocation
○ OAuth2 grant types
○ Recommendations to meet specifications
○ E.g. openbanking.org.uk
■ OIDC Hybrid flow
■ private key JWT client authentication
■ request object
9. More Security Capabilities
● Fraud detection and audit logs
● Conditional authentication
● Adaptive authentication
● Fine grained authorization
● Federated authentication
● Continued security procedures
14. WSO2 Open Banking
● API Management
● API Security + SCA1
● Consent Management
● API Analytics
● API Monetization
Compliance through
Open APIs
● API Integration
● Federated Authentication
● Fraud Detection
● Consolidated API Analytics
● Business KPI Dashboards
Third Party Provider
● Web/Mobile App Suite
● Insight Sales
● Required Integration
Recommendations
and Insights
15. Why WSO2 Open Banking?
● World class technology, preconfigured for full compliance as well as business expansion
● Proven track record of working with financial institutions of all sizes
● Standards-based API-M/Integration that interoperates with COTS or bespoke tech
● Minimum impact and changes to existing internal systems and B2B integrations
● Ability to implement through bank’s preferred local partners
● Structured training programs for IT staff and focused workshops & hackathons
● Ability to seamlessly cater to evolving regulations and business priorities
16. Resources
More Information http://wso2.com/solutions/financial/open-banking/
Try out WSO2 Open Banking https://openbanking.wso2.com
Get in Touch openbankingdemo@wso2.com
On Demand Webinars
WSO2 Open Banking: Digital Transformation Through PSD2
- https://wso2.com/library/webinars/2017/08/wso2-open-banking-digital-transformation-through-psd2
Getting Your API Management Strategy on Point for PSD2 Compliance
- https://wso2.com/library/webinars/2017/11/getting-your-api-management-strategy-on-point-for-psd2-complia
nce/
Building a Fool Proof Security Strategy for PSD2 Compliance
- https://wso2.com/library/webinars/2017/11/building-a-fool-proof-security-strategy-for-psd2-compliance/
WSO2Con Keynote
https://wso2.com/library/conference/2017/11/wso2con-eu-2017-digital-transformation-in-the-guise-of-a-regulation-p
sd2-and-open-banking/