IAM: The Key to Open Data Sharing
Australian Consumer Data Right (CDR) and Open Banking
get the ebook watch the demoCDR and Open Banking in Australia
The global momentum toward consumer data rights, starting with open financial APIs, cannot be denied. The Australian government has mandated open consumer data APIs in key industries, and Australia’s Big 4 banks are moving forward with open APIs based on a timeline of July 2020. All other banks in Australia are bracing themselves for their own deadline, July 2021. Unlike other jurisdictions around the world at this time, Australia’s standards effort will eventually impact all verticals in the country. The retail energy sector is already on its way to defining an Open Energy regime, and Open Telco has been slated as the next in line.
open ebookModernise IAM to Secure Open Banking
The Open Banking initiative of CDR prioritises consumer data rights, privacy and informed consent. To comply, Australia’s financial services institutions must adopt technology that allows them to expose and protect account data via APIs in a security framework. An API gateway on its own is insufficient to keep customer data protected and ensure proper consent management. To turn the CDR requirements into a competitive advantage and be able to quickly adapt and earn consumer trust, leading financial institutions must take action to modernise their infrastructure today, with modern identity and access management (IAM) at its core.
open solution brief
For enterprises working to put financial APIs in place in response to compliance deadlines, Ping Identity helps navigate the financial technology partner landscape to integrate with leading API gateways and leverage pre-built financial API layers, platforms and managed services deployed within a security framework powered by Ping Identity.
Quickstart Your Open Banking Environment
Our pre-configured sandbox can get you up and running quickly with a development environment that aligns to the CDR specifications for Open Banking. It’s compliant with the FAPI CDR conformance suite and packaged to integrate with bank APIs. Then use our CDR Integration Kit to move easily from development to production. We’ll continue to update the sandbox and integration kit as the regulation evolves, reducing not only the initial set up cost but the ongoing cost of responding to regulatory changes. As an added bonus, you’ll gain a flexible platform that you can use for other identity security projects across your enterprise.
If you’re a tier 2 or tier 3 bank, time is short. Go beyond slideware and whiteboard descriptions—make use of a working CDR-aligned sandbox that can jumpstart your journey to compliance today
watch the sandbox demo See the Integration Kit
IAM: The Key to Open Banking
As a leading vendor in the IAM space, Ping Identity’s IAM technologies are used by hundreds of financial services enterprises, including large retail banks, challenger banks and emerging fintech organisations, as well as Open Banking Ltd. in the UK.
- SECURE ACCESS TO ACCOUNT DATA
To enable fine-grained authorisation to access consumer data in financial APIs, financial enterprises are combining our market-leading federation solution (PingFederate) and our API access security solutions (PingAccess, PingIntelligence for APIs and PingDataGovernance). This provides standards-based, intelligent support for an OAuth 2.0-based API security model, including OpenID Connect (OIDC) and Financial-grade API (FAPI) specifications.
- CONSENT MANAGEMENT
Each time a customer requests access to their account data via a third-party provider (Data Recipient), the account holding institution (the Data Holder) must check the request against data consent policies and log an auditable consent record. This is supported by our highly scalable identity datastore (PingDirectory) and our customer-centric data access and consent management product (PingDataGovernance).
- CUSTOMER AUTHENTICATION
PingID, our contextual multi-factor authentication (MFA) solution, provides real-time assurance that it’s truly your banking customer on the other end of a third-party API call requesting their account data. PingID enables customised, detailed MFA notifications so your customer will know exactly what data they’re entrusting with a third-party app.
Open Banking Runs on Ping
OPPORTUNITY
In the UK, Open Banking, Ltd. needed to establish a trusted whitelist to ensure that banks and third parties meet certification standards for seamless interoperability and know at all times who can access what APIs. They considered building the register in-house, but needed to go live by January 2018.
RESULT
They chose to build the Open Banking Directory on the Ping technology stack, and were able to deploy successfully within the limited time frame. “Many of the banks in the UK and indeed globally are using Ping as a core IAM vendor. It’s quite interesting that Ping plays a role in both the security model at banks but also in the trust framework that we’ve developed internally at Open Banking.”
-Chris Michael, Head of Technology, Open Banking
read the story
Additional Australia Open Banking Resources
Start Today
See how Ping can help you deliver secure employee and customer experiences in a rapidly evolving digital world.
Contact Sales
Request a free demo
Thank you! Keep an eye on your inbox. We’ll be in touch soon.
