Open banking platform and API aggregation

Desktop and web eLearning solutions with a top-notch feature set for online professional video training.

Customer

Industry
IT
Region
Europe
Client since
2019

Our client is a large European IT enterprise 24K+ employees on board. They specialize in creating large-scale software mainly for FinTech, healthcare IT, and logistics.

Detailed information about the client cannot be disclosed under the provisions of the NDA.

Challenge

Our client was looking to create a new open banking platform for their European office. The main reason was the Directive On Payment Services 2 regulations coming into force. The European financial institutions need to provide access to accounts, records, and services to verified eIDAS certified Third Party Providers (TPP) acting on behalf of a Payment Service User and supply such parties with suitable interfaces to initiate payments and get account information.

The bank contacted Innowise Group to create the open banking platform that would ensure compliance with the legislation requirements, seamlessly integrate the new system with their existing environment, introduce the necessary updates to their technical infrastructure while addressing security concerns associated with financial data and tangible information processing.

Open banking platform and API aggregation

Solution

To address these challenges, Innowise Group compiled the PSD2 compliance platform, which ensured fast access and easy data retrieval for certified third parties and included, among other things.

  • API authentication for identity and process checks
  • API data access verified by Payment Service Users
  • API aggregation for financial data and initiating payments from multiple sources
  • API documentation, engineering SDKs, and manuals
  • Putting in place robust security protocols and clear access rights identification

Each course contains a series of videos downloaded on the cloud server. To get full access to a training course, users need to buy access. They can buy access to a specific video course, course packages, or purchase a paid subscription for a specific period. The platform is available for businesses and individuals.

Open banking platform

Technologies & tools

Backend
Java 11, Maven, Spring Boot, PostgreSQL, Flyway, Kafka, K8s, Jenkins

Process

We started with investigating our client’s needs and the PSD2 regulatory interpretation to ensure precise adherence to its requirements. We then identified the application’s scope and determined the main milestones. Our team chose the Agile methodology to create the platform as fast as possible and make necessary amendments on the go if necessary.

The development process consisted of two stages: building the web interface to be accessed by the TPP and creating a secure open API. We chose our stack, relying on our expertise working with similar projects. We used mainly open-source techs, customizing them to the client’s needs by adding new components and plugins.

Our web developers concentrated on building an easy-to-operate interface, yet the most critical part was creating a secure API with identity authentication provisions. We provided authentication at the API management layer to free up the back end API. This approach also helped us centralize the configuration of authentication of several disparate APIs to manage various levels of TPP’s access. No data is stored on our side, only tokens. All authorizations to receive data require confirmation after a redirect to a bank page. We relied on Grafana tools to display the info dashboards. The final step was integrating the solution with the bank’s ecosystem, and set-up effective consent management frameworks implementing QWACs and QSEALS security protocols for PSD2 compliance, and writing detailed user manuals for TPPs.

Open Banking

Team

3
Backend Developers
1
QA Engineer

Results

With the open banking solution integrated, the bank lets TPPs access its clients’ accounts, including their balances and their ability to initiate payments. Thanks to robust, safe API, consent management protocols, and SCA client authentication in place, the bank can guarantee all data is processed securely at all times. Our team continues to support the solution.

All TPPs only have access to specific data clusters verified by Payment Service Users, such as account balances, deposits, transactions, limited transaction history abstracts, and more. The web interface is easy to use, providing clear navigation guidelines for every registered user.

With the required capabilities in place, the bank passed PSD2 Regulatory Technical Standards (RTS) certification and can now efficiently and seamlessly work with third parties making its operations future-proof in the open banking financial environment. The system is highly scalable and can deal with a growing number of users with no downtime.

Project duration
  • Since 2021

Need a technological solution? Contact us!

Select the subject of your inquiry

Please be informed that when you click the Send button Innowise Group will process your personal data in accordance with our Privacy Policy for the purpose of providing you with appropriate information.

What happens next?

1

Having received and processed your request, we will get back to you shortly to detail your project needs and sign an NDA to ensure the confidentiality of information.

2

After examining requirements, our analysts and developers devise a project proposal with the scope of works, team size, time, and cost estimates.

3

We arrange a meeting with you to discuss the offer and come to an agreement.

4

We sign a contract and start working on your project as quickly as possible.