KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Open Banking is a true global movement that has already been implemented in many countries and being implemented in many others in the next few years. While the overall objective of Open Banking is the same, every implementation is different. This session will provide an overview of analysis of different ecosystems, different approaches to implementation, industry standards used, best (and worst) practices and potential future developments.
Identity and API security are key building blocks for any trust ecosystem supporting Open Banking. We will explore why every Open Data project becomes an identity initiative.
Open Banking is a true global movement that has already been implemented in many countries and being implemented in many others in the next few years. While the overall objective of Open Banking is the same, every implementation is different. This session will provide an overview of analysis of different ecosystems, different approaches to implementation, industry standards used, best (and worst) practices and potential future developments.
Identity and API security are key building blocks for any trust ecosystem supporting Open Banking. We will explore why every Open Data project becomes an identity initiative.
Cool. So my name is Dima Nikko.
I, I come from Australia. I do have many hats on and some of them probably required for this presentation. So my background is consumer identity and banking. So I worked for two largest banks looking after identity architecture for the last six, seven years. And recently I switched to build an identity network similar to bank id. So that presentation was actually awesome and I've implemented or participated in the large programs implemented in open banking in in two of those banks, which sort of provide quite a bit of experience.
And I also work very closely with the standards by this open ID foundation on open banking, on the standard support in open banking. So that's the work that probably gives you the most perspective across the globe. And this presentation is aimed to provide some background or a collection of random facts about different implementations of open banking across the world.
And the other thing that's probably worthwhile mentioning last year, also, also the white paper on potential next phase of open banking, sort of cross board open banking within Open area Foundation with a lot of contribution across the globe. Some of that material made it in this presentation as well. I need to get the clicker through. So open banking is true global phenomena. As you can see there are multiple maps exist. I picked one just for demonstrative purposes.
As you can see, every year the space is slowly filling up and you can guess it probably in a few years time there won't be any gray areas left. So every country is doing something over the last six, seven years in open banking space. I think a lot of it started in Europe here with PSD two and with UK open banking leading the charge but slowly propagated across the world. And most of their, I think I'll probably get into some differences a bit later, but the ones that I'll probably pick on the most in this presentation is UK Open banking, which gone live I think in 2018.
And Australian open banking, which I had the most exposure to, which gone live in 2020 and I think Brazil's gone live in 2021. They'll pick different ways of implementing or different approaches, slightly different approaches even if they use similar standards. What else? One thing worthwhile mentioning is on this slide that each country all open banking ecosystem at the moment, they create it separately. They completely disjointed. So every country, every jurisdiction creates an open banking scheme and that's where it stays.
This is the, where the white paper that I mentioned focuses on potential next phase where we can interconnect them. It might be a dream, it might never happen, but it's considered it. I think it's a good idea at some point in time to be able to use your banking data from, for a global citizen anyway, to be use, to be able to use your banking data from Australia in Germany for example, one day maybe. Okay. Some of the updates that, and I'll quickly go through some semi random facts.
So the, the current activity in the definition of the new, new, new entrance in the open banking scheme, at least new approaches for those jurisdictions. There's quite a bit of conversation around us and mandating open banking in the US and Canada. And there's a lot of activity in Middle East right now. So as you can see, US and Canada probably not, not the best way to portray it on that map, but currently they consider to be as a market driven open banking jurisdictions and they have limited options.
The, the conversation right now around mandating open banking like it's done in some other jurisdictions or most of the jurisdictions, some of the other jurisdictions, they expand their regime. For example, Australia started off with just basically only data and they taken it, taken it to payments. Now Brazil is taking it from finance to from banking to insurance. So each of those ecosystem, they consistently change, expand their scope. This is just a couple example.
Yeah, specifically on Australia that, cuz that's where I come from. I think the right and the payments is probably gonna be a big focus for the next couple years for us probably with fine grain consent and new flows. I'll quickly go through some differences between those regimes. As that map shows different colors, you'll see that there are government driven and market driven open banking schemes, majority of them government driven, which means that they mandate it.
And my personal opinion, I think in order to facilitate the proper adoption, you do need to mandate it on the supply side to make sure that there are, there, there is data that consistent stream of data from all providers in the market and that's why it tends to go, I think most of the market driven slowly get converted to to regulatory driven and mandated. There is a bit of market driven on the demand side, on the relying party on the GPP side I think that makes more sense. But on the supply side, my personal opinion has to be mandated.
The coverage of that mandate is also different In the UK they've mandated it for the big nine banks and the rest of the market kind of followed, followed voluntary in Australia and Brazil. They mandated it to all banks, all authorized deposit institutions like we call 'em in Australia, all financial organizations. And then Australia expanded it to other sectors as well. And obviously aware that there is a voluntary scheme right now it's not a mandate, it's ad HOK adoption. There is a difference on how read and write has been implemented.
Read and write as in read only data versus write and payments. UK is gone live with payments pretty much straightaway because it was a result of PSD two. Similar happened in Brazil, Australia gone live only with Reid regime, which probably affected the adoption of Australian open banking significantly because there is not much you can do.
I think just creating that collection of functionality that's available through the regime is important because only then the fintechs will come and use it until, until, until then it probably not attractive for them enough in terms of different sectors, all of those sector systems started with banking and some of the jurisdictions expanded to other sectors. For example, in Australia, great example, we've gone from banking to energy and now next I think the next next industry is telco this year, later on. So the open banking becomes open data expanding to other sectors.
The hope is that the FinTech will come and use it for different use cases that currently don't exist across sectors, different levels of support for intermediate. Some regimes sort of work more on peer to peer and some allow for different intermediate regimes, which does affect security in my view quite a bit if it's not designed properly. So that's one of the significant considerations. One of the things as open banking rolled out in a time scale, which this diagram doesn't show well the hope is that every new ecosystem that comes in will learn on the others' mistakes and learnings.
And that's kind of been the case, which I dunno if I'll have time to show, I only have a few minutes to go through. So these are the, I'll go keep going through the differences. The level of standardization is different in some jurisdictions.
You know, everything is standardized in some only this security profile is standardized in some other ones, in some other ones APIs are sort of left up to each area to be defined. Like in Europe with PSD two level of options is different. I think UK provided different options in the authorization for the authorization flow, different options within security profile. I think Australia made a good choice to sort of streamline those or create a tight set of options that makes it easier, much easier to implement. Certification is an interesting one.
I think from implementation perspective it definitely helps summary regimes do the mandatory certifications and summary regimes don't do any and should be sane none, which does help the adoption. How much time do I have? Should Just A few minutes. Few minutes. I'm just thinking what should I focus on? I think the adoption is different from market to market. The most successful I think from what I can see right now is uk there are different ways to measure adoption.
You can look at the number of use cases, you can look on the number of participants and there are different websites that trying to measure that and on on surface there is quite a lot globally, even if it's not a hundred percent accurate, it's, it's really hard to measure the adoption, the true adoption, especially in some markets. Once again, like in Australia where we don't have, we don't have an open information. People and entities are not sharing the information about how many users, how many participants, how many connections, how many consents.
So it's really hard to anecdotal evidence in Australia that it's pretty low. I think there's quite a bit of success in Brazil. The FinTech market is very accurate and the banks participating on the FinTech side as well. UK does report success now but only after five, six years of being live. What else I can cover within a few minutes. So the other part of presentation, which you can probably get access to the slide goes through some of the learnings in terms of how to implement open banking.
There are certain building blocks that you need to implement in the ecosystem in order to deliver right. And over time the level of standardization to address those building blocks increased significantly. So if in the beginning when UK has been going live, they only had a security profile standardized the rest, a lot of it was custom. And the jurisdictions that go on live right now have many more of those building blocks and there is still a room for further standardization and you can sort of clearly see where there's a lot of custom stuff.
For example, in api, in API specifications area, at the moment it's still every jurisdiction does its own API specifications. But in the security or identity side of things, most of them tend to standardize on open connect and fpi. That's just a comparison. I can probably leave couple minutes for questions. So cuz we at time, So are there any questions in the audience?
Yeah, so
Yeah, if, if there might come up any questions, feel free to contact directly and have a bilateral or maybe a group talk about any, any questions or issues which came up.
