Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Financial APIs Workshop - Japan/UK Open Banking and APIs Summit 2018 API
• API API 2
• https://www.linkedin.com/in/tatsuokudo – (1998-2008) – (2008-2018) – OpenID (2013-2014) – NRI (2014-2018) – Authlete (20...
API • API – e.g. – “Bank as a Service” – 2 API Banking 371 Source: https://www.programmableweb.com/category/banking 4
API “OAuth 2.0” • API 5 “OAuth 2.0” Source: https://www.slideshare.net/tkudo/api-meetup-oauth
API • • • 6 • Open Banking UK • Berlin Group NextGenPSD2 • Polish Bank Association • Slovak Banking Association • (France ...
Open Banking UK • FAPI Part 2 • Client Credentials Grant Type (OAuth 2.0) / OIDC Hybrid Flow • Request Object • Mutual TLS...
Open Banking UK 1. PSU (Payment Service User) AISP (Account Information Service Provider) 2. AISP ASPSP (Account Servicing...
Open Banking UK 1. PSU PISP (Payment Initiation Service Provider) 2. PISP ASPSP POST /payments (Mutual TLS, Client Credent...
OIDC Hybrid Flow (1) • Slovak Banking API Standard – OB UK PISP ID (orderId) ASPSP Request Object 10 Source: Slovak Bankin...
OIDC Hybrid Flow (2) • MKB – Open Banking UK Security Profile – OB UK PISP ID (openbanking_intent_id) ASPSP Request Object...
Berlin Group “NextGenPSD2” • 4 – Redirect SCA Approach – OAuth2 SCA Approach – Decoupled SCA Approach – Embedded SCA Appro...
Berlin Group “NextGenPSD2” Redirect / OAuth2 SCA Approach • PSU ASPSP PSU • “OAuth2” Redirect – Authorization Server Metad...
Berlin Group “NextGenPSD2” Decoupled SCA Approach • ASPSP PISP/AISP PSU 14 Source: NextGenPSD2 XS2A Framework Implementati...
Berlin Group “NextGenPSD2” Embedded SCA Approach • ASPSP PISP/AISP PSU 15 Source: NextGenPSD2 XS2A Framework Implementatio...
Berlin Group “NextGenPSD2” OAuth 2.0 • “Optional Usage” • PISP/AISP “pre-step” OAuth SCA Approach ASPSP API (XS2A interfac...
Decoupled • “PolishAPI” • NextGenPSD2 decoupled – OAuth 2.0 – TPP (Third-Party Provider) EAT (External Authorization Tool)...
Embedded • “STET” • Resource Owner Password Grant – ASPSP PSU Strong Customer Authentication 18 Source: PolishAPI Verison ...
• TPP ASPSP “intent” POST → intent id Request Object Open Banking UK • TPP ASPSP TLS • “Embedded” vs “Decoupled” 19
Thanks!
Upcoming SlideShare
Loading in …5
×

銀行APIのトレンド #fapisum

432 views

Published on

Prepared for Financial APIs Workshop - Japan/UK Open Banking and APIs Summit

Published in: Internet
no profile picture user

  • Be the first to comment

銀行APIのトレンド #fapisum

  1. 1. Financial APIs Workshop - Japan/UK Open Banking and APIs Summit 2018 API
  2. 2. • API API 2
  3. 3. • https://www.linkedin.com/in/tatsuokudo – (1998-2008) – (2008-2018) – OpenID (2013-2014) – NRI (2014-2018) – Authlete (2018-) • VP of Solution Strategy 3
  4. 4. API • API – e.g. – “Bank as a Service” – 2 API Banking 371 Source: https://www.programmableweb.com/category/banking 4
  5. 5. API “OAuth 2.0” • API 5 “OAuth 2.0” Source: https://www.slideshare.net/tkudo/api-meetup-oauth
  6. 6. API • • • 6 • Open Banking UK • Berlin Group NextGenPSD2 • Polish Bank Association • Slovak Banking Association • (France Stet)
  7. 7. Open Banking UK • FAPI Part 2 • Client Credentials Grant Type (OAuth 2.0) / OIDC Hybrid Flow • Request Object • Mutual TLS 7 Source: Open Banking Security Profile - Implementer's Draft v1.1.2 https://openbanking.atlassian.net/wiki/spaces/DZ/pages/83919096/Open+Banking+Security+Profile+-+Implementer+s+Draft+v1.1.2
  8. 8. Open Banking UK 1. PSU (Payment Service User) AISP (Account Information Service Provider) 2. AISP ASPSP (Account Servicing Payment Service Provider) POST /account-resource (Mutual TLS, Client Credentials Grant Type) 3. ASPSP PISP “AccountRequestId” 4. AISP AccountRequestId Request Object ASPSP OIDC Hybrid Flow 5. ASPSP PSU 6. ASPSP AISP 7. AISP ASPSP Mutual TLS 8. AISP GET /accounts Mutual TLS 8 Source: Account and Transaction API - v2.0.0 https://openbanking.atlassian.net/wiki/spaces/DZ/pages/127009546/Account+and+ Transaction+API+Specification+-+v2.0.0
  9. 9. Open Banking UK 1. PSU PISP (Payment Initiation Service Provider) 2. PISP ASPSP POST /payments (Mutual TLS, Client Credentials Grant Type) 3. ASPSP PISP ”PaymentId” 4. PISP PaymentId Request Object ASPSP OIDC Hybrid Flow 5. ASPSP PSU 6. ASPSP PISP 7. PISP ASPSP Mutual TLS 8. PISP POST /payment-submissions Mutual TLS 9. Optionally retrieve the status of a payment setup or submission 9 Source: Payment Initiation API - v1.1.0 https://openbanking.atlassian.net/wiki/spaces/DZ/pages/5786479/Payment+Initiation+API+Specification+-+v1.1.0
  10. 10. OIDC Hybrid Flow (1) • Slovak Banking API Standard – OB UK PISP ID (orderId) ASPSP Request Object 10 Source: Slovak Banking API Standard Version 1.1 http://www.sbaonline.sk/files/subory/projekty/sbas/sbas_ver1.1-final.pdf
  11. 11. OIDC Hybrid Flow (2) • MKB – Open Banking UK Security Profile – OB UK PISP ID (openbanking_intent_id) ASPSP Request Object 11 Source: Account and Transaction API Specification https://portal.sandbox.mkb.hu/api-documentation/account-info
  12. 12. Berlin Group “NextGenPSD2” • 4 – Redirect SCA Approach – OAuth2 SCA Approach – Decoupled SCA Approach – Embedded SCA Approach 12
  13. 13. Berlin Group “NextGenPSD2” Redirect / OAuth2 SCA Approach • PSU ASPSP PSU • “OAuth2” Redirect – Authorization Server Metadata 13 Source: NextGenPSD2 XS2A Framework Implementation Guidelines Version 1.1 https://docs.wixstatic.com/ugd/c2914b_5351b289bf844c6881e46ee3561d95bb.pdf
  14. 14. Berlin Group “NextGenPSD2” Decoupled SCA Approach • ASPSP PISP/AISP PSU 14 Source: NextGenPSD2 XS2A Framework Implementation Guidelines Version 1.1 https://docs.wixstatic.com/ugd/c2914b_5351b289bf844c6881e46ee3561d95bb.pdf
  15. 15. Berlin Group “NextGenPSD2” Embedded SCA Approach • ASPSP PISP/AISP PSU 15 Source: NextGenPSD2 XS2A Framework Implementation Guidelines Version 1.1 https://docs.wixstatic.com/ugd/c2914b_5351b289bf844c6881e46ee3561d95bb.pdf
  16. 16. Berlin Group “NextGenPSD2” OAuth 2.0 • “Optional Usage” • PISP/AISP “pre-step” OAuth SCA Approach ASPSP API (XS2A interface) 16
  17. 17. Decoupled • “PolishAPI” • NextGenPSD2 decoupled – OAuth 2.0 – TPP (Third-Party Provider) EAT (External Authorization Tool) ASPSP 17 Source: PolishAPI Verison 2.0 https://docs.polishapi.org/files/ver2.0/PolishAPI-spec-v2.0-EN.pdf
  18. 18. Embedded • “STET” • Resource Owner Password Grant – ASPSP PSU Strong Customer Authentication 18 Source: PolishAPI Verison 2.0 https://www.stet.eu/assets/files/PSD2/1_3/API_DSP2_STET_V1_3.pdf
  19. 19. • TPP ASPSP “intent” POST → intent id Request Object Open Banking UK • TPP ASPSP TLS • “Embedded” vs “Decoupled” 19
  20. 20. Thanks!

×
Save this presentationTap To Close