IAM: THE KEY TO OPEN DATA SHARING

Australian Consumer Data Right (CDR) and Open Banking

get the ebook watch the demo
The obstacle

CDR AND OPEN BANKING IN AUSTRALIA

The global momentum toward consumer data rights, starting with open financial APIs, cannot be denied. The Australian government has mandated open consumer data APIs in key industries, and Australia’s Big 4 banks are moving forward with open APIs based on a timeline of February 2020. All other banks in Australia are bracing themselves for their own deadline, July 2020. Unlike other jurisdictions around the world at this time, Australia’s standards effort will eventually impact all verticals in the country. The retail energy sector is already on its way to defining an Open Energy regime, and Open Telco has been slated as the next in line.

open ebook
The obstacle

BUILDING A NEW STANDARD FOR AUSTRALIA

In the face of regulatory directives, Australia’s leading financial institutions are turning to IAM technology partners to modernise their infrastructure in preparation for what’s to come. Championing existing and emerging open standards for financial APIs, Mark Perry from Ping Identity is the only vendor representative on the Advisory Committee helping to define Australia’s Open Banking standard as part of the Consumer Data Right.

read the blog
the solution

MODERNISE IAM TO SECURE OPEN BANKING

To comply with the Open Banking initiative of CDR, Australia’s financial services institutions will eventually have to adopt technology that allows them to expose and protect account data APIs in a security framework that prioritises consumer data rights, privacy and informed consent. To turn this requirement into a competitive advantage and be able to quickly adapt and earn consumer trust, leading financial institutions are taking action to modernise their infrastructure today. Our solution brief demonstrates the advantages of a digital banking strategy with modern identity and access management (IAM) at its core.

open solution brief

For enterprises working to get financial APIs in place in response to compliance deadlines, Ping Identity helps navigate the financial technology partner landscape to integrate with leading API gateways and leverage pre-built financial API layers, platforms and managed services deployed within a security framework powered by Ping Identity.

the solution

ASSESS YOUR EXISTING INFRASTRUCTURE

The Ping Intelligent Identity Platform is a comprehensive IAM solution that enables, secures and authorises third-party access to customer data in financial APIs. 


Several of your existing IAM technology capabilities may require modernisation in preparation for Open Banking. Watch this video to understand the components of API security so you can start to mentally assess which components of your architecture may require modernisation.

watch the video
the solution

IAM: THE KEY TO OPEN BANKING

As a leading vendor in the IAM space, Ping Identity’s IAM technologies are used by hundreds of financial services enterprises, including large retail banks, challenger banks and emerging fintech organisations, as well as Open Banking Ltd. in the UK.

  • SECURE ACCESS TO ACCOUNT DATA

    To enable fine-grained authorisation to access consumer data in financial APIs, financial enterprises are combining our market-leading federation solution (PingFederate) and our API access security solutions (PingAccess, PingIntelligence for APIs and PingDataGovernance). This provides standards-based, intelligent support for an OAuth 2.0-based API security model, including OpenID Connect (OIDC) and Financial-grade API (FAPI) specifications.

  • CONSENT MANAGEMENT

    Each time a customer requests access to their account data via a third-party provider (Data Recipient), the account holding institution (the Data Holder) must check the request against data consent policies and log an auditable consent record. This is supported by our highly scalable identity datastore (PingDirectory) and our customer-centric data access and consent management product (PingDataGovernance).

  • CUSTOMER AUTHENTICATION

    PingID, our contextual multi-factor authentication (MFA) solution, provides real-time assurance that it’s truly your banking customer on the other end of a third-party API call requesting their account data. PingID enables customised, detailed MFA notifications so your customer will know exactly what data they’re entrusting with a third-party app.

the proof

OPEN BANKING RUNS ON PING

OPPORTUNITY

In the UK, Open Banking, Ltd. needed to establish a trusted whitelist to ensure that banks and third parties meet certification standards for seamless interoperability and know at all times who can access what APIs. They considered building the register in-house, but needed to go live by January 2018.

 

RESULT

They chose to build the Open Banking Directory on the Ping technology stack, and were able to deploy successfully within the limited time frame. “Many of the banks in the UK and indeed globally are using Ping as a core IAM vendor. It’s quite interesting that Ping plays a role in both the security model at banks but also in the trust framework that we’ve developed internally at Open Banking.”

 

-Chris Michael, Head of Technology, Open Banking

 

read the story

Additional Australia Open Banking Resources


  • Blog

    Open Banking Australia Prompting IAM Modernisation

    Read now
  • white paper

    Digital Leaders Open Banking Roundtable, Sydney 2018

    get the white paper
  • Blog

    Australian Review Recommends UK Open Banking Standards

    Read now
  • Blog

    Improving CX with Client Initiated Backchannel AuthN

    Read now