PSD2 & Open Banking: How to go from standards to implementation and compliance
Olaf van Gorp
© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Presenter
Olaf van Gorp
Technical Sales Europe - Akana
olaf.van.gorp@roguewave.com
Agenda
• PSD2 and APIs
• Implementation standards
• Added value of API management
• Q & A
PSD2 and APIs
[Diagram: third party providers connecting for account information, payment initiation and confirmation of funds]
APIs!
(really..?)
PSD2? APIs?
Understand PSD2…
…technical compliance.
Verify request integrity
Strong customer authentication
Mutual authentication
Dynamic linking
Consumer authorization
PSD2 APIs!
A sample PSD2 component architecture
[Diagram components: PSD2, APIM, IAM, Fraud detection, Banking system]
IAM: Identity and access management
APIM: API management
What are APIs and API management?
• APIs: Expose a business capability to designated consumers in a secure and controlled manner.
• API management: Gives you control over the API across its entire lifecycle, from design to deployment to operational health.
• API management solutions: Provide the capabilities to address and automate your API management requirements.
Sample API architecture
Summary: Benefits of an APIM solution for PSD2
Delegate PSD2 API requirements
In addition, take care of ‘implicit’ API requirements
Decouple published API from downstream landscape
Offer flexibility re. published API
• In particular: API security, authorization
• Rate limiting, consumer management, API lifecycle management, etc.
• Interoperability, different target consumers, etc.
Implementation standards
PSD2 / OB standards
• Regulatory Technical Standards (RTS) on strong customer authentication and secure communication
• UK Open Banking (with PSD2 additions)
• Berlin Group
• STET
• Polish API (and others)
Standards comparison
• UK Open Banking (≠ PSD2):
– Fully open standards-based (OAuth2.0, OIDC, PKI, JWT, etc.)
– Swagger docs published
• Berlin Group:
– Standards like OAuth2.0 optional rather than preferred
– Deviation and divergence
• E.g. OAuth scopes, signing HTTP messages, ..
Standards divergence
• Deviations force customization
• Interoperability consequences?
– …across ‘standards’?
Summary: Standards
Indispensable for effective technical implementation, yet..
Multiple initiatives (that may not be compatible)
Not yet complete
‘Exotic’ elements may force customization
Interoperability concerns
Added value of API management
Sample PSD2 portal
Import PSD2 specified API
PSD2 requirements: API security
• Certificate-based client authentication
• OAuth2.0 (as one way to deal with authorization)
Policies
- configurable
- reusable
- versioned
API best practice: rate limiting
• Limit the number of requests
• Protect your downstream systems (request overload)
API best practice: API lifecycle management
• API development lifecycle
– E.g. dev, test, QA, prod
• API consumption lifecycle
– Accepted, rejected, suspended, revoked
• API versioning
– Notification, parallel versions
API best practice: API analytics
• Does my API provide the expected business value?
• What consumption trends do I see?
• Do my APIs function as expected?
Non-mandatory APIs
• Open banking as a business opportunity…
• …offering a much wider range of services…
• …that will make your bank stand out.
Summary
An APIM solution is indispensable for an effective implementation of the PSD2 interface. It will:
• Help you with the technical implementation of your PSD2 API-based interface
• Provide you with a flexible/adaptable solution
• Allow for effective consumer on-boarding and management
• Ensure effective management of your APIs
• Offer great possibilities to offer additional functionality (opening up further business opportunities)
Q & A
Next steps:
Learn more in our blog series on PSD2 & Open Banking at: blog.akana.com
Watch the full webinar on-demand.
