Successful PSD2 compliance is as good as your API management solution. Everyone from your compliance officer to your PSD2 project manager and your CTO needs to have complete trust in the API technology you use to achieve compliance.
WSO2 Open Banking leverages API management capabilities for an accelerated and secure compliance experience. Built to support key Open Banking standards, it comes with a set of API specifications that can get you started on compliance from day 1.
This webinar will cover:
An API management checklist for PSD2 compliance
WSO2 Open Banking capabilities for supporting Open API functionality
How a Third Party Provider (TPP) can leverage WSO2 Open Banking’s core offerings
How to leverage API analytics and API monetization for Open Banking
A demonstration of WSO2 Open Banking
08448380779 Call Girls In Friends Colony Women Seeking Men
Getting your API Management Strategy on Point for PSD2 Compliance
1. WSO2 Open Banking
Getting your API Management Strategy on Point for PSD2
Compliance
Lalaji Sureshika
Technical Lead, Financial Solutions
2. Agenda
● Recap on PSD2
● EBA Mandated Requirements for API Management in a Compliance
Solution
● An API Management Checklist for PSD2 Compliance
● API Management Capabilities of WSO2 Open Banking
● Demo
3. Payment Services Directive 2
EU Directive that applies to
all Banks operating in the EU
that regulates payment
services throughout the EU,
with a compliance deadline of
January 2018
4. What does PSD2 change?
Bank A
Bank B
Bank C
Merchant
TPP
(PISP/AISP)
PSD2
Bank A
Bank B
Bank C
Merchant
XS2A - Access to Account
NowNow
5.
6. EBA Mandated PSD2 Requirements
● Article 27 -
Communication Interface
● Article 28 - Obligations for
dedicated interface
● Article 29 - Certificates
● Article 30 - Security of
communication session
● Article 31 -Data
exchanges
RTS SCA
Assess and notify operational &
security incidents based on ;
● Transactions Affected
● Service Downtime
● Payment Service Users
Affected
● Economic Impact
● Other payment services
affected
more..
GL on Incident
Reporting
Guidelines for Payment Service
Providers [PSPs]
● Risk Assessment
● Protection
○ Data and Systems
Integrity &
Confidentiality
○ Access Control
● Detection
GL on Security
Measures
7. API Management Checklist for PSD2 Compliance
Implement API
● Integration points with core-banking
system
Design & Manage API
● Design and manage capabilities of an API
● Interactive documentation support
● Analytics on API usage , API availability &
performance measures
● API Security
API Governance
● API lifecycle management
● API versioning
Consume API
● Third Party Provider (TPP) registration
● Secured API access by TPP
● Business insights on usage
● Notifications for TPPs
8. WSO2 Open Banking provides all the technology requirements that Banks need to create an “Open Banking” platform to
be PSD2 compliant and as a result become a Digitally Transformed Bank.
API Specification
○ API Definitions
○
WSO2 Open Banking
Customer
TPP
(AISP/PISP)
FinTech
Merchants
Core Banking
Internal Payment
Services
Bank Internal Network
ISO 8583
(TCP/IP)
HTTP
HTTPS
Other Banks
HTTPS
9. WSO2 Open Banking - API Management Capabilities
● API Specifications
Predefined API templates for :
○ Open Banking UK specification
○ STET API specification
○ Berlin Group NextGenPSD2
Or
○ Any custom API specification
10. WSO2 Open Banking - API Management Capabilities
● Support for Different API Types
○ Private APIs - Within the bank
○ Partner APIs - Establish with the bank and a specific TPP
○ Open APIs - Open APIs to all trusted TPPs
● API Lifecycle Management
● API Security - OAuth2
● Define API Policies - Throttling ,Access Control, Transport, API
resources
● Trigger alerts based on abnormal TPP usage, API health , backend
core banking system issues
11. WSO2 Open Banking - API Management Capabilities
● TPP Accessible Developer Portal
○ TPP Onboarding
○ Explore APIs
○ Consume APIs with swagger
○ Provide access to sandbox and production API environments
● Integration points with core banking systems and other internal
banking services
○ Supports different message protocols [ HTTP, TCP] , message types [REST/JSON]
and message formats [ISO 8583, ISO 20022]
● API Monetization to create various revenue models
● API Analytics & Business Insights with dashboards
12. WSO2 Open Banking Offerings for TPPs
● Onboarding Process
● Establish Secure Communication
● Explore and try out bank APIs
● Setting up sandbox testing
● Setting up production
● Acknowledge new API versions
● Business Insights
16. WSO2 Open Banking
● API Manager
● API Security + SCA
● API Analytics
● API Monetization
PSD2 Compliance
● API Integration
● Federated Authentication
● Fraud Detection
● API Analytics
● Dashboards
TPP Provider
● Web/Mobile App Suite
● Insight Sales
● Required Integration
Digital
Transformation
17. Resources
More Information - http://wso2.com/solutions/financial/open-banking/
Try out WSO2 Open Banking - https://openbanking.wso2.com
On Demand Webinars -
https://wso2.com/library/webinars/2017/09/open-banking-moving-banks-beyond-the-norm/
http://wso2.com/library/webinars/2017/08/wso2-open-banking-digital-transformation-through-
psd2/
Open Banking Whitepaper -
http://wso2.com/whitepapers/digital-transformation-through-psd2-and-open-banking/