Upload
buidieu
View
219
Download
3
Embed Size (px)
Citation preview
Hosts
Tricia Balfe, COO, XMLdation Ireland
triciabalfe
Jarkko Leppälahti, CEO
jarkkoleppalahti
@api_lifecycle
PSD2 Overview
Main purpose : open up market for payments services
Banks must provide 3rd party access to payment initiation and account information services
• Under well-defined conditions
Defines policy, doesn’t set technical direction
Useful explanation • https://www.starlingbank.com/explaining-psd2-without-tlas-
tough/
PSD2 Timeline
Jan 2018 :
• PSD2 transposed to national law
Sept 2018 :
• earliest date for security aspects
http://digitalbaobab.com/wp-content/uploads/2016/02/psd2-timelines.pdf
Technology
RESTful JSON APIs are a natural choice
Wide adoption in other industries, simplicity is key
Used by Fintech, and in Digital and API Programmes at banks
Used by Challenger banks
Aggregators
Standards-related Activity
http://www.berlin-group.org/open interoperability standards and harmonisation initiative, the NextGen PSD2 Taskforce
https://www.caps-services.com/open framework realising the regulatory intent of PSD2 (aggregator)
https://www.abe-eba.eu/thought-leadership/regulatory-guidance/New publications in early 2017
Non-PSD2 : UK CMA Open Bankinghttps://www.gov.uk/government/news/cma-paves-the-way-for-open-banking-revolutionStandards sometime in 2017
(There is also work ongoing in security)
What is ISO 20022?
Standard for Financial Messaging, iso20022.org
Agreed vocabulary for financial services & financial data exchanged between parties
• Uses XML currently
• Can use other syntaxes e.g. ASN.1
• Plans to publish JSON syntax in 2017 ??
Growing global adoption
https://www.iso20022.org/adoption.page, April 2016
SEPA and CGI-MP corporate to bank, including account statements; SEPA bank to bank;SEPA instant payments, Nov 2016, http://www.europeanpaymentscouncil.eu/index.cfm/sepa-instant-payments/sepa-instant-credit-transfer-sct-inst/European Target2SPayments Canada, 2020US Chips, high value payments, 2020Etc
JSON APIs and ISO 20022
ISO 20022, SEPA, SEPA Instant Payments etc
API Platform
JSON APIs
Core Banking Platforms
Integration Middleware
Mobile Apps Mobile Apps
API Platform
Core Banking Platforms
Integration Middleware
JSON APIs
Bank payment systems increasingly ‘speak’ ISO 20022APIs and ISO 20022 payments infrastructure will coexist
Following ISO 20022 Best Practices
ISO 20022 solves longstanding issues
• E.g. remittance information
Has an agreed vocabulary forfinancial domain
https://www.swift.com/file/23901/download?token=izEXYBlb
XS2A Example: account statement
Example account details in JSON
ISO 20022 camt.053 XML, account statement
Simplicity
Simplicity is critical for APIs
Direct mapping of ISO 20022 will be too complex
“Basic” ISO 20022 XML pain.001 credit transfer : 110 lines
Simplicity – Detailed Example
InitgPty / Initiating Party in ISO 20022 = company initiating a credit transfer
ISO 20022 XMLDirectly Mapped JSON : longwinded
The essentials in JSON : much simpler
Useful precedents e.g. Currency
Notes:
A simplistic API might ‘assume’ a currency value
ISO 20022 mandates that you explicitly define currency
ISO 20022 follows a standard for currency codes (ISO 4217)
Previous SWIFT MT standard combined currency and amount in a single field:
• makes life difficult for developers
From SWIFT MT940 : earlier generation of account statements, still in
widespread use
ISO 20022 XML Corresponding JSON
(D/C Mark)(Date)(Currency)(Amount)
Other examples….
Consider using credit / debit indicators, not negative amounts
Remittance information : limitations on characters (latin, cyrillic etc)
Structure of postal addresses
IBANs and BICs, and when they are required
Standard for identifying countries and bank transaction codes
Etc…
Advice on getting started
Review APIs against ISO 20022 thoughtfully• What fields are important in ISO 20022
• What fields should be mapped directly
• What business rules need to be honoured (ISO 20022 & bank)
• Keep simple, align where reasonable
Careful mapping will facilitate interoperability
Monitor standards activities around APIs
XMLdation PSD2 / API Offering
SaaS platform for managing API definitionsWith automatic generation of API validation policies, test components and
Developer Portal content from a single source
PSD2 Consultancy
Advising / supporting bank teams to reach PSD2 compliance and launch Fintech partnership programmes
Bank Challenges
PSD2 Compliance
Bank Programme Tracks
Time to Market
Business of APIs
API Layer Access and Identity
API Integration to Backend
End to End Testing
Partnership Model
Developer Supports
Benefits
XMLdation API Offering
Product
Management
IT
dev &
testing
API Project
Onboarding
& support
Client
Business
development
API definition management
Onboarding
Developer Services
Production Systems
API Validation Policies
Test Automation Framework
Test Components
Bank IT Environment
• XMLdation is a world leader in end-to-end testing of standardised financial transaction messages : ISO 20022, SWIFT MT, JSON APIs
• Our innovative Software-as-a-Service assists banks, e-invoicingproviders, clearing houses, financial software vendors in theimplementation, testing and maintenance of transaction messages.
• XMLdation service is used by more than 20 banks in over 50 countriesworldwide
• Headquartered in Tampere, Finland; Office in Cork Ireland
• Established in 2009
• Video http://myxml.is/offering16
@api_lifecycle @xmldation
Next PSD2 WebinarThursday Feb 16, 2017Tuesday Mar 21, 2017
PSD2: Implementing APIs that interoperate with ISO 20022
More on API / ISO 20022 alignment
Defining ‘ISO 20022’ business rule policies for APIs
Applying ISO 20022 policies on an API platform
Wrapup
Register for upcoming webinars
http://www.xmldation.com/en/company/events-list
Webinar slides
Slides will be posted to website after webinars. You will receive a link by email.
Getting started with PSD2
Drop us an email at [email protected], and we’ll help