Open banking platform and API aggregation

E-Learning-Lösung für Desktop und Web mit Funktionen für professionelles Online-Videotraining.

Kunde

Branche
IT
Region
Europe
Kunde seit
2019

Our client is a large European IT enterprise 24K+ employees on board. They specialize in creating large-scale software mainly for FinTech, healthcare IT, and logistics.

Detaillierte Informationen über den Kunden können aufgrund der Bestimmungen der Vertraulichkeitsvereinbarung (NDA) nicht offengelegt werden.

Challenge

Our client was looking to create a new open banking platform for their European office. The main reason was the Directive On Payment Services 2 regulations coming into force. The European financial institutions need to provide access to accounts, records, and services to verified eIDAS certified Third Party Providers (TPP) acting on behalf of a Payment Service User and supply such parties with suitable interfaces to initiate payments and get account information.

The bank contacted Innowise Group to create the open banking platform that would ensure compliance with the legislation requirements, seamlessly integrate the new system with their existing environment, introduce the necessary updates to their technical infrastructure while addressing security concerns associated with financial data and tangible information processing.

Open banking platform and API aggregation

Lösung

To address these challenges, Innowise Group compiled the PSD2 compliance platform, which ensured fast access and easy data retrieval for certified third parties and included, among other things.

  • API authentication for identity and process checks
  • API data access verified by Payment Service Users
  • API aggregation for financial data and initiating payments from multiple sources
  • API documentation, engineering SDKs, and manuals
  • Putting in place robust security protocols and clear access rights identification

Each course contains a series of videos downloaded on the cloud server. To get full access to a training course, users need to buy access. They can buy access to a specific video course, course packages, or purchase a paid subscription for a specific period. The platform is available for businesses and individuals.

Open banking platform

Technologien

Backend
Java 11, Maven, Spring Boot, PostgreSQL, Flyway, Kafka, K8s, Jenkins

Prozess

We started with investigating our client’s needs and the PSD2 regulatory interpretation to ensure precise adherence to its requirements. We then identified the application’s scope and determined the main milestones. Our team chose the Agile methodology to create the platform as fast as possible and make necessary amendments on the go if necessary.

The development process consisted of two stages: building the web interface to be accessed by the TPP and creating a secure open API. We chose our stack, relying on our expertise working with similar projects. We used mainly open-source techs, customizing them to the client’s needs by adding new components and plugins.

Our web developers concentrated on building an easy-to-operate interface, yet the most critical part was creating a secure API with identity authentication provisions. We provided authentication at the API management layer to free up the back end API. This approach also helped us centralize the configuration of authentication of several disparate APIs to manage various levels of TPP’s access. No data is stored on our side, only tokens. All authorizations to receive data require confirmation after a redirect to a bank page. We relied on Grafana tools to display the info dashboards. The final step was integrating the solution with the bank’s ecosystem, and set-up effective consent management frameworks implementing QWACs and QSEALS security protocols for PSD2 compliance, and writing detailed user manuals for TPPs.

Open Banking

Team

3
Backend-Entwickler
1
QS-Ingenieur

Ergebnisse

With the open banking solution integrated, the bank lets TPPs access its clients’ accounts, including their balances and their ability to initiate payments. Thanks to robust, safe API, consent management protocols, and SCA client authentication in place, the bank can guarantee all data is processed securely at all times. Our team continues to support the solution.

All TPPs only have access to specific data clusters verified by Payment Service Users, such as account balances, deposits, transactions, limited transaction history abstracts, and more. The web interface is easy to use, providing clear navigation guidelines for every registered user.

With the required capabilities in place, the bank passed PSD2 Regulatory Technical Standards (RTS) certification and can now efficiently and seamlessly work with third parties making its operations future-proof in the open banking financial environment. The system is highly scalable and can deal with a growing number of users with no downtime.

Projektdauer
  • Since 2021

Sie brauchen eine technische Lösung? Kontaktieren Sie uns!

Wählen Sie das Thema Ihrer Anfrage

Bitte beachten Sie, wenn Sie auf die Schaltfläche Senden klicken, dass Innowise Group Ihre Datenschutzrichtlinie um Ihnen die gewünschten Informationen zukommen zu lassen.

Wie geht es weiter?

1

Sobald wir Ihre Anfrage erhalten und bearbeitet haben, werden wir uns mit Ihnen in Verbindung setzen, um Ihre Projektanforderungen zu besprechen und eine NDA zu unterzeichnen, um die Vertraulichkeit der Informationen zu gewährleisten.

2

Nach Prüfung der Anforderungen erstellen unsere Analysten und Entwickler einen Projektvorschlag, der Arbeitsumfang, Teamgröße, Zeit- und Kostenschätzung enthält.

3

Wir vereinbaren einen Termin mit Ihnen, um das Angebot zu besprechen und eine Vereinbarung zu treffen.

4

Wir unterzeichnen einen Vertrag und beginnen umgehend mit der Arbeit an Ihrem Projekt.