SlideShare a Scribd company logo

PSD2 & Open Banking: How to go from standards to implementation and compliance

Download as PPTX, PDF
Rogue Wave Software , profile picture
Rogue Wave Software

The document discusses the implementation of PSD2 (Payment Services Directive 2) and the role of APIs in compliance and management within banking. It emphasizes the importance of API management solutions for effective technical implementation, addressing challenges like security and interoperability across different standards. Additionally, it highlights best practices for API management, such as lifecycle management and rate limiting, to enhance functionality and consumer onboarding.

Software
Related topics:
API Management Trends
1 of 33
Downloaded 32 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
1© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 & Open Banking: How to go from standards to implementation and compliance Olaf van Gorp
2© 2018 Rogue Wave Software, Inc. All Rights Reserved. Presenter Olaf van Gorp Technical Sales Europe - Akana olaf.van.gorp@roguewave.com
3© 2018 Rogue Wave Software, Inc. All Rights Reserved. Agenda • PSD2 and APIs • Implementation standards • Added value of API management • Q & A
4© 2018 Rogue Wave Software, Inc. All Rights Reserved. Watch the on-demand webinar
5© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 and APIs
6© 2018 Rogue Wave Software, Inc. All Rights Reserved. Third party provider account information Third party provider account information payment initiation Third party provider payment initiation Third party provider account information Third party provider payment initiation Third party provider account information Third party provider confirmation of funds Third party provider
7© 2018 Rogue Wave Software, Inc. All Rights Reserved. APIs! (really..?)
8© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2? APIs?
9© 2018 Rogue Wave Software, Inc. All Rights Reserved. Understand PSD2… …technical compliance.
10© 2018 Rogue Wave Software, Inc. All Rights Reserved. Verify request integrity Strong customer authentication Mutual authentication Dynamic linking Consumer authorization
11© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD 2 APIs ! PSD 2 APIs !
12© 2018 Rogue Wave Software, Inc. All Rights Reserved. A sample PSD2 component architecture IAM: Identity and access management APIM: API management PSD2 APIM IAM Fraud detection Banking system
13© 2018 Rogue Wave Software, Inc. All Rights Reserved. What are APIs and API management? APIs Expose a business capability to designated consumers in a secure and controlled manner. API management Gives you control over the API across it’s entire lifecycle, from design to deployment to operational health. API management solutions Provide the capabilities to address and automate your API management requirements.
14© 2018 Rogue Wave Software, Inc. All Rights Reserved. Sample API architecture
15© 2018 Rogue Wave Software, Inc. All Rights Reserved. In addition, take care of ‘implicit’ API requirements Summary: Benefits of an APIM solution for PSD2 Delegate PSD2 API requirements Decouple published API from downstream landscape Offer flexibility re. published API • In particular: API security, authorization • Rate limiting, consumer management, API lifecycle management, etc. • Interoperability, different target consumers, etc.
16© 2018 Rogue Wave Software, Inc. All Rights Reserved. Watch the on-demand webinar
17© 2018 Rogue Wave Software, Inc. All Rights Reserved. Implementation standards
18© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 / OB standards • Regulatory Technical Standards (RTS) on strong customer authentication and secure communication • UK Open Banking (with PSD2 additions) • Berlin Group • STET • Polish API (and others)
19© 2018 Rogue Wave Software, Inc. All Rights Reserved. Standards comparison • UK Open Banking (≠ PSD2): – Fully open standards-based (OAuth2.0, OIDC, PKI, JWT, etc.) – Swagger docs published • Berlin Group: – Standards like OAuth2.0 optional rather than preferred – Deviation and divergence • E.g. OAuth scopes, signing HTTP messages, ..
20© 2018 Rogue Wave Software, Inc. All Rights Reserved. Standards divergence • Deviations force customization • Interoperability consequences? – …across ‘standards’?
21© 2018 Rogue Wave Software, Inc. All Rights Reserved. Multiple initiatives (that may not be compatible) Summary: Standards Indispensable for effective technical implementation, yet.. Not yet complete ‘Exotic’ elements may force customization Interoperability concerns
22© 2018 Rogue Wave Software, Inc. All Rights Reserved. Added value of API management
23© 2018 Rogue Wave Software, Inc. All Rights Reserved. Sample PSD2 portal
24© 2018 Rogue Wave Software, Inc. All Rights Reserved. Import PSD2 specified API
25© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 requirements: API security • Certificate-based client authentication • OAuth2.0 (as one way to deal with authorization) Policies - configurable - reusable - versioned
26© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: rate limiting • Limit the number of requests • Protect your downstream systems (request overload)
27© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: API lifecycle management • API development lifecycle – E.g. dev, test, QA, prod • API consumption lifecycle – Accepted, rejected, suspended, revoked • API versioning – Notification, parallel versions
28© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: API analytics • Does my API provide the expected business value? • What consumption trends do I see? • Do my APIs function as expected?
29© 2018 Rogue Wave Software, Inc. All Rights Reserved. Non-mandatory APIs • Open banking as a business opportunity… • …offering a much wider range of services… • …that will make your bank stand out.
30© 2018 Rogue Wave Software, Inc. All Rights Reserved. Allow for effective consumer on-boarding and management Summary Help you with the technical implementation of your PSD2 API-based interface Provide you with a flexible/adaptable solution Ensure effective management of your APIs Offer great possibilities to offer additional functionality (opening up further business opportunities) An APIM solution is indispensable for an effective implementation of the PSD2 interface. It will:
31© 2018 Rogue Wave Software, Inc. All Rights Reserved. Q & A
32© 2018 Rogue Wave Software, Inc. All Rights Reserved. Next steps: Learn more in our blog series on PSD2 & Open Banking at: blog.akana.com Watch the full webinar on-demand.
33© 2018 Rogue Wave Software, Inc. All Rights Reserved.

More Related Content

PPTX
PSD2: Open Banking with APIs
Jason Bloomberg
 
PDF
PSD2 - An Open Banking Revolution
Killian Clifford
 
PPTX
APIdays Singapore 2019 - Global Open Banking Frameworks and Standards: Luca F...
apidays
 
PDF
PSD2 & Open Banking
senakafdo
 
PPTX
Psd2 challenges
Goran Angelov
 
PPTX
PSD2: Implementing APIs that interoperate with ISO 20022
XMLdation Ltd
 
PPTX
APIdays Singapore 2019 - Introduction to essential elements of Open Banking F...
apidays
 
PDF
[APIdays Melbourne 2019] The Consumer Data Right: Building a Successful Open ...
WSO2
 
PSD2: Open Banking with APIs
Jason Bloomberg
 
PSD2 - An Open Banking Revolution
Killian Clifford
 
APIdays Singapore 2019 - Global Open Banking Frameworks and Standards: Luca F...
apidays
 
PSD2 & Open Banking
senakafdo
 
Psd2 challenges
Goran Angelov
 
PSD2: Implementing APIs that interoperate with ISO 20022
XMLdation Ltd
 
APIdays Singapore 2019 - Introduction to essential elements of Open Banking F...
apidays
 
[APIdays Melbourne 2019] The Consumer Data Right: Building a Successful Open ...
WSO2
 

What's hot (19)

PDF
Psd2 in a nutshell
Initio
 
PDF
APIdays Singapore 2019 - Open Banking is Here to Stay: How Will You Benefit f...
apidays
 
PPTX
Webinar: Technology Insights - PSD2
Ulla Kenttä
 
PDF
[Workshop] Business Benefits and Digital Transformation through Open Banking
WSO2
 
PPTX
APIdays Singapore 2019 - Promoting Financial Inclusion with an Open Banking M...
apidays
 
PDF
Holos psd2 open-api
Capgemini
 
PPTX
Webinar materials | PSD2: Ensuring a seamless payments journey - connecting A...
XMLdation Ltd
 
PPTX
Open Banking APIs with case studies for senior stakeholders
Mimi Ajayi, PMC
 
PPTX
Open banking-Future of Banking
farhan ali
 
PPTX
APIdays Singapore 2019 - Securing Value in API Ecosystems, Ajay Biyani, Head ...
apidays
 
PDF
WSO2 Open Banking: Digital Transformation Through PSD2
WSO2
 
PDF
PSD2: Making it actionable
Backbase
 
PDF
Open Banking: Lessons from the UK #fapisum - Japan/UK Open Banking and APIs S...
FinTechLabs.io
 
PPTX
2017 Feb 3rd Malta - NPF2017 - APIs in context of PSD2
Dennis Van Allemeersch
 
PPTX
Open Banking - Opening the door to Digital Transformation
WSO2
 
PDF
What’s new in WSO2 Open Banking
WSO2
 
PDF
Banking is Now More Open: Open Banking Update
MikeLeszcz
 
PDF
OpenID Foundation/Open Banking Workshop - Open Banking Update
MikeLeszcz
 
PPTX
Idc finansal 2017 open banking
Ali Çakiroglu
 
Psd2 in a nutshell
Initio
 
APIdays Singapore 2019 - Open Banking is Here to Stay: How Will You Benefit f...
apidays
 
Webinar: Technology Insights - PSD2
Ulla Kenttä
 
[Workshop] Business Benefits and Digital Transformation through Open Banking
WSO2
 
APIdays Singapore 2019 - Promoting Financial Inclusion with an Open Banking M...
apidays
 
Holos psd2 open-api
Capgemini
 
Webinar materials | PSD2: Ensuring a seamless payments journey - connecting A...
XMLdation Ltd
 
Open Banking APIs with case studies for senior stakeholders
Mimi Ajayi, PMC
 
Open banking-Future of Banking
farhan ali
 
APIdays Singapore 2019 - Securing Value in API Ecosystems, Ajay Biyani, Head ...
apidays
 
WSO2 Open Banking: Digital Transformation Through PSD2
WSO2
 
PSD2: Making it actionable
Backbase
 
Open Banking: Lessons from the UK #fapisum - Japan/UK Open Banking and APIs S...
FinTechLabs.io
 
2017 Feb 3rd Malta - NPF2017 - APIs in context of PSD2
Dennis Van Allemeersch
 
Open Banking - Opening the door to Digital Transformation
WSO2
 
What’s new in WSO2 Open Banking
WSO2
 
Banking is Now More Open: Open Banking Update
MikeLeszcz
 
OpenID Foundation/Open Banking Workshop - Open Banking Update
MikeLeszcz
 
Idc finansal 2017 open banking
Ali Çakiroglu
 
Ad

Similar to PSD2 & Open Banking: How to go from standards to implementation and compliance (20)

PPTX
Getting the most from your API management platform: A case study
Rogue Wave Software
 
PPTX
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
PDF
Disrupt or be disrupted – Using secure APIs to drive digital transformation
Rogue Wave Software
 
PDF
91APP API Gateway 導入之旅
Rick Hwang
 
PDF
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
PDF
ForgeRock Open banking - Meetup 28/06/2018
Quentin Castel
 
PDF
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
FinTechLabs.io
 
PDF
[Workshop] Managing the API lifecycle with Open Source Technologies
WSO2
 
PDF
apidays LIVE New York 2021 - 5 Pragmatic steps to unlock Open Finance with AP...
apidays
 
PDF
INTERFACE by apidays - API Success: Running a Successful API Program by Nelso...
apidays
 
PDF
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
VMware Tanzu
 
PDF
Monitor and Measure Your Way to Successful Digital Transformation
VMware Tanzu
 
PDF
WSO2 User Group Bangalore Meetup
WSO2
 
PDF
Fintech Primitives - Wealth Management - MF Pro - Distributor
Jainendra Sinha
 
PPTX
API Management - Practical Enterprise Implementation Experience
Capgemini
 
PDF
BATBern46_Syncier Marketplace.pdf
BATbern
 
PDF
INTERFACE, by apidays - From Monolith to Open Finance with APIs by Marcilio ...
apidays
 
PDF
apidays London 2023 - API Metrics matters in APIOps, Ludovic Pourrat, Lombar...
apidays
 
PDF
API Management within a Microservice Architecture
WSO2
 
PPTX
API Management Within a Microservices Architecture
Nadeesha Gamage
 
Getting the most from your API management platform: A case study
Rogue Wave Software
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
Disrupt or be disrupted – Using secure APIs to drive digital transformation
Rogue Wave Software
 
91APP API Gateway 導入之旅
Rick Hwang
 
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
ForgeRock Open banking - Meetup 28/06/2018
Quentin Castel
 
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
FinTechLabs.io
 
[Workshop] Managing the API lifecycle with Open Source Technologies
WSO2
 
apidays LIVE New York 2021 - 5 Pragmatic steps to unlock Open Finance with AP...
apidays
 
INTERFACE by apidays - API Success: Running a Successful API Program by Nelso...
apidays
 
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
VMware Tanzu
 
Monitor and Measure Your Way to Successful Digital Transformation
VMware Tanzu
 
WSO2 User Group Bangalore Meetup
WSO2
 
Fintech Primitives - Wealth Management - MF Pro - Distributor
Jainendra Sinha
 
API Management - Practical Enterprise Implementation Experience
Capgemini
 
BATBern46_Syncier Marketplace.pdf
BATbern
 
INTERFACE, by apidays - From Monolith to Open Finance with APIs by Marcilio ...
apidays
 
apidays London 2023 - API Metrics matters in APIOps, Ludovic Pourrat, Lombar...
apidays
 
API Management within a Microservice Architecture
WSO2
 
API Management Within a Microservices Architecture
Nadeesha Gamage
 
Ad

More from Rogue Wave Software (20)

PPTX
The Global Influence of Open Banking, API Security, and an Open Data Perspective
Rogue Wave Software
 
PPTX
No liftoff, touchdown, or heartbeat shall miss because of a software failure
Rogue Wave Software
 
PPTX
Leveraging open banking specifications for rigorous API security – What’s in...
Rogue Wave Software
 
PPTX
Adding layers of security to an API in real-time
Rogue Wave Software
 
PPTX
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
PPTX
The forgotten route: Making Apache Camel work for you
Rogue Wave Software
 
PPTX
Are open source and embedded software development on a collision course?
Rogue Wave Software
 
PDF
Three big mistakes with APIs and microservices
Rogue Wave Software
 
PPTX
5 strategies for enterprise cloud infrastructure success
Rogue Wave Software
 
PPTX
Java 10 and beyond: Keeping up with the language and planning for the future
Rogue Wave Software
 
PPTX
How to keep developers happy and lawyers calm (Presented at ESC Boston)
Rogue Wave Software
 
PPTX
Open source applied - Real world use cases (Presented at Open Source 101)
Rogue Wave Software
 
PPTX
How to migrate SourcePro apps from Solaris to Linux
Rogue Wave Software
 
PPTX
Approaches to debugging mixed-language HPC apps
Rogue Wave Software
 
PPTX
Enterprise Linux: Justify your migration from Red Hat to CentOS
Rogue Wave Software
 
PPTX
Walk through an enterprise Linux migration
Rogue Wave Software
 
PPTX
How to keep developers happy and lawyers calm
Rogue Wave Software
 
PPTX
Open source and embedded software development
Rogue Wave Software
 
PDF
Open source software: The infrastructure impact
Rogue Wave Software
 
PPTX
Plan a successful enterprise Linux migration
Rogue Wave Software
 
The Global Influence of Open Banking, API Security, and an Open Data Perspective
Rogue Wave Software
 
No liftoff, touchdown, or heartbeat shall miss because of a software failure
Rogue Wave Software
 
Leveraging open banking specifications for rigorous API security – What’s in...
Rogue Wave Software
 
Adding layers of security to an API in real-time
Rogue Wave Software
 
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
The forgotten route: Making Apache Camel work for you
Rogue Wave Software
 
Are open source and embedded software development on a collision course?
Rogue Wave Software
 
Three big mistakes with APIs and microservices
Rogue Wave Software
 
5 strategies for enterprise cloud infrastructure success
Rogue Wave Software
 
Java 10 and beyond: Keeping up with the language and planning for the future
Rogue Wave Software
 
How to keep developers happy and lawyers calm (Presented at ESC Boston)
Rogue Wave Software
 
Open source applied - Real world use cases (Presented at Open Source 101)
Rogue Wave Software
 
How to migrate SourcePro apps from Solaris to Linux
Rogue Wave Software
 
Approaches to debugging mixed-language HPC apps
Rogue Wave Software
 
Enterprise Linux: Justify your migration from Red Hat to CentOS
Rogue Wave Software
 
Walk through an enterprise Linux migration
Rogue Wave Software
 
How to keep developers happy and lawyers calm
Rogue Wave Software
 
Open source and embedded software development
Rogue Wave Software
 
Open source software: The infrastructure impact
Rogue Wave Software
 
Plan a successful enterprise Linux migration
Rogue Wave Software
 

Recently uploaded (20)

PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PPTX
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PDF
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PDF
AI in Product Development-omnex systems
omnex systems
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PPTX
Essential Infomation Tech presentation.pptx
pradeepjava2016
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
AI in Product Development-omnex systems
omnex systems
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Essential Infomation Tech presentation.pptx
pradeepjava2016
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 

PSD2 & Open Banking: How to go from standards to implementation and compliance

  • 1. 1© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 & Open Banking: How to go from standards to implementation and compliance Olaf van Gorp
  • 2. 2© 2018 Rogue Wave Software, Inc. All Rights Reserved. Presenter Olaf van Gorp Technical Sales Europe - Akana olaf.van.gorp@roguewave.com
  • 3. 3© 2018 Rogue Wave Software, Inc. All Rights Reserved. Agenda • PSD2 and APIs • Implementation standards • Added value of API management • Q & A
  • 4. 4© 2018 Rogue Wave Software, Inc. All Rights Reserved. Watch the on-demand webinar
  • 5. 5© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 and APIs
  • 6. 6© 2018 Rogue Wave Software, Inc. All Rights Reserved. Third party provider account information Third party provider account information payment initiation Third party provider payment initiation Third party provider account information Third party provider payment initiation Third party provider account information Third party provider confirmation of funds Third party provider
  • 7. 7© 2018 Rogue Wave Software, Inc. All Rights Reserved. APIs! (really..?)
  • 8. 8© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2? APIs?
  • 9. 9© 2018 Rogue Wave Software, Inc. All Rights Reserved. Understand PSD2… …technical compliance.
  • 10. 10© 2018 Rogue Wave Software, Inc. All Rights Reserved. Verify request integrity Strong customer authentication Mutual authentication Dynamic linking Consumer authorization
  • 11. 11© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD 2 APIs ! PSD 2 APIs !
  • 12. 12© 2018 Rogue Wave Software, Inc. All Rights Reserved. A sample PSD2 component architecture IAM: Identity and access management APIM: API management PSD2 APIM IAM Fraud detection Banking system
  • 13. 13© 2018 Rogue Wave Software, Inc. All Rights Reserved. What are APIs and API management? APIs Expose a business capability to designated consumers in a secure and controlled manner. API management Gives you control over the API across it’s entire lifecycle, from design to deployment to operational health. API management solutions Provide the capabilities to address and automate your API management requirements.
  • 14. 14© 2018 Rogue Wave Software, Inc. All Rights Reserved. Sample API architecture
  • 15. 15© 2018 Rogue Wave Software, Inc. All Rights Reserved. In addition, take care of ‘implicit’ API requirements Summary: Benefits of an APIM solution for PSD2 Delegate PSD2 API requirements Decouple published API from downstream landscape Offer flexibility re. published API • In particular: API security, authorization • Rate limiting, consumer management, API lifecycle management, etc. • Interoperability, different target consumers, etc.
  • 16. 16© 2018 Rogue Wave Software, Inc. All Rights Reserved. Watch the on-demand webinar
  • 17. 17© 2018 Rogue Wave Software, Inc. All Rights Reserved. Implementation standards
  • 18. 18© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 / OB standards • Regulatory Technical Standards (RTS) on strong customer authentication and secure communication • UK Open Banking (with PSD2 additions) • Berlin Group • STET • Polish API (and others)
  • 19. 19© 2018 Rogue Wave Software, Inc. All Rights Reserved. Standards comparison • UK Open Banking (≠ PSD2): – Fully open standards-based (OAuth2.0, OIDC, PKI, JWT, etc.) – Swagger docs published • Berlin Group: – Standards like OAuth2.0 optional rather than preferred – Deviation and divergence • E.g. OAuth scopes, signing HTTP messages, ..
  • 20. 20© 2018 Rogue Wave Software, Inc. All Rights Reserved. Standards divergence • Deviations force customization • Interoperability consequences? – …across ‘standards’?
  • 21. 21© 2018 Rogue Wave Software, Inc. All Rights Reserved. Multiple initiatives (that may not be compatible) Summary: Standards Indispensable for effective technical implementation, yet.. Not yet complete ‘Exotic’ elements may force customization Interoperability concerns
  • 22. 22© 2018 Rogue Wave Software, Inc. All Rights Reserved. Added value of API management
  • 23. 23© 2018 Rogue Wave Software, Inc. All Rights Reserved. Sample PSD2 portal
  • 24. 24© 2018 Rogue Wave Software, Inc. All Rights Reserved. Import PSD2 specified API
  • 25. 25© 2018 Rogue Wave Software, Inc. All Rights Reserved. PSD2 requirements: API security • Certificate-based client authentication • OAuth2.0 (as one way to deal with authorization) Policies - configurable - reusable - versioned
  • 26. 26© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: rate limiting • Limit the number of requests • Protect your downstream systems (request overload)
  • 27. 27© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: API lifecycle management • API development lifecycle – E.g. dev, test, QA, prod • API consumption lifecycle – Accepted, rejected, suspended, revoked • API versioning – Notification, parallel versions
  • 28. 28© 2018 Rogue Wave Software, Inc. All Rights Reserved. API best practice: API analytics • Does my API provide the expected business value? • What consumption trends do I see? • Do my APIs function as expected?
  • 29. 29© 2018 Rogue Wave Software, Inc. All Rights Reserved. Non-mandatory APIs • Open banking as a business opportunity… • …offering a much wider range of services… • …that will make your bank stand out.
  • 30. 30© 2018 Rogue Wave Software, Inc. All Rights Reserved. Allow for effective consumer on-boarding and management Summary Help you with the technical implementation of your PSD2 API-based interface Provide you with a flexible/adaptable solution Ensure effective management of your APIs Offer great possibilities to offer additional functionality (opening up further business opportunities) An APIM solution is indispensable for an effective implementation of the PSD2 interface. It will:
  • 31. 31© 2018 Rogue Wave Software, Inc. All Rights Reserved. Q & A
  • 32. 32© 2018 Rogue Wave Software, Inc. All Rights Reserved. Next steps: Learn more in our blog series on PSD2 & Open Banking at: blog.akana.com Watch the full webinar on-demand.
  • 33. 33© 2018 Rogue Wave Software, Inc. All Rights Reserved.