IAM: The Key to Open Banking
As a leading vendor in the IAM space, Ping Identity’s IAM technologies are used by hundreds of financial services enterprises, including large retail banks, challenger banks and emerging fintech organisations, as well as Open Banking Ltd. in the UK.
To enable fine-grained authorisation to access consumer data in financial APIs, financial enterprises are combining our market-leading federation solution (PingFederate) and our API access security solutions (PingAccess, PingIntelligence for APIs and PingDataGovernance). This provides standards-based, intelligent support for an OAuth 2.0-based API security model, including OpenID Connect (OIDC) and Financial-grade API (FAPI) specifications.
Each time a customer requests access to their account data via a third-party provider (Data Recipient), the account holding institution (the Data Holder) must check the request against data consent policies and log an auditable consent record. This is supported by our highly scalable identity datastore (PingDirectory) and our customer-centric data access and consent management product (PingDataGovernance).
PingID, our contextual multi-factor authentication (MFA) solution, provides real-time assurance that it’s truly your banking customer on the other end of a third-party API call requesting their account data. PingID enables customised, detailed MFA notifications so your customer will know exactly what data they’re entrusting with a third-party app.