Apidays New York 2024 - The value of a flexible API Management solution for Open Banking by Steve Melan, State's and Saving's Bank of Luxembourg

Transcript

1. None
2. None
3. None

4. 3 | SPUERKEESS.LU 3 | SPUERKEESS.LU Internal The value of

   a flexible API Management solution for Open Banking SPUERKEESS.LU Steve MELAN Manager for IT Innovation and Architecture State's and Saving's Bank of Luxembourg (SPUERKEESS)

5. 4 | SPUERKEESS.LU 4 | SPUERKEESS.LU Internal Manager of IT

   Innovation & Architecture at SPUERKEESS Microsoft MVP since 2013 Public speaker Passionate about IBM Integration Excited about Microsoft Azure Thrilled about the Age of AI Steve Melan

6. 5 | SPUERKEESS.LU 5 | SPUERKEESS.LU Internal Tradition and banking

   innovation since 1856 The largest network of agencies and self-banking spaces Long Term Deposit Rating Moody’s Rating Standard & Poor’s Rated among the safest banks in the world since 2011 by Global Finance Magazine https://www.spuerkeess.lu/

7. 6 | SPUERKEESS.LU 6 | SPUERKEESS.LU Internal Security is a

   critical aspect of Open Banking API Security: Since open banking relies heavily on APIs, ensuring their security is paramount. This includes implementing robust encryption, authentication, and authorization protocols. Data Privacy: Protecting customer data from unauthorized access is essential. This involves not only securing the data during transmission but also ensuring that third-party apps do not misuse it. Fraud Prevention: Open banking increases the risk of financial fraud. It’s important to have systems in place to detect and prevent fraudulent activities, especially if an app or a user’s mobile device is compromised. Regulatory Compliance: Adhering to regulations and standards set by financial authorities, such as the PSD2 and the upcoming PSD3, helps in maintaining a secure open banking environment. Risk Management: Regularly assessing and managing risks associated with open banking can help in identifying potential security threats early on.

8. 7 | SPUERKEESS.LU 7 | SPUERKEESS.LU Internal Our journey to

   an API Infrastructure Business Logic already exposed internally as SOAP Web Services and RESTful APIs Connected through Microsoft Host Integration Server to an IBM Mainframe Z More then 10 million API calls per day Find the perfect match to expose our Web Services as APIs API Management Solution must be available on-premises in order to be compliant with local security policies

9. 8 | SPUERKEESS.LU 8 | SPUERKEESS.LU Internal Why Nevatech Sentinet

   API Gateway ? Entirely built on the Microsoft platform Unified management solution for on-premises, cloud and hybrid environments Extends Microsoft API/SOA stack capabilities with governance and automated management for RESTful APIs and SOAP services Integrates Microsoft and non-Microsoft technologies Unique User Interface with extremely rich capabilities and ease of use Virtually unlimited extensibility via Microsoft .NET code Full control and ownership of confidential data

10. 9 | SPUERKEESS.LU 9 | SPUERKEESS.LU Internal Using the right

    API Gateway Helps to address common infrastructural challenges by allowing to focus on the business side of API solutions Provides solutions with faster time-to-market delivery Provides solutions with managed control and visibility Provides solutions with industry standard and custom security Enables solutions to adapt for continuous changes

11. 10 | SPUERKEESS.LU 10 | SPUERKEESS.LU Internal “With the right

    consumer protections in place, a shift towards open and decentralized banking can supercharge competition, improve financial products and services, and discourage junk fees”

12. 11 | SPUERKEESS.LU 11 | SPUERKEESS.LU Internal Advantages of Open

    Banking Market Competition and Innovation: Open banking encourages competition among financial institutions. Established banks are compelled to be more competitive with smaller and newer banks, leading to lower costs, better technology, and improved customer service. Diversification of Product Offerings: By leveraging open banking, banks can partner with third-party providers and use APIs to diversify their product offerings. This opens up new revenue streams that were previously untapped. Innovative solutions related to invoicing, payments, and cash flow management become more accessible. Improved Customer Experience: Open banking enables customers to share their financial data with third-party providers, granting access to a wider range of products and services. This enhanced customer experience fosters loyalty and engagement. Financial Inclusion: Open banking provides access to financial services for underserved populations. By leveraging data sharing, banks can reach previously excluded customers and offer tailored solutions.

13. 12 | SPUERKEESS.LU 12 | SPUERKEESS.LU Internal Challenges of Open

    Banking Data Privacy Concerns: Sharing sensitive financial data with third-party applications raises privacy concerns. Striking a balance between convenience and data protection is crucial. Cybersecurity Risks: The exchange of customer information through APIs introduces security vulnerabilities. Ensuring robust security measures to prevent data breaches is essential. Standardized APIs: The lack of standardized APIs can hinder seamless integration across different platforms. Consistent API design and implementation are necessary for successful open banking.

14. 13 | SPUERKEESS.LU 13 | SPUERKEESS.LU Internal What’s New with

    PSD3 ? Strong Customer Authentication (SCA) Regulations: PSD3 sets out more extensive SCA regulations, enhancing security for electronic payments and protecting consumers’ rights and personal information. Access to Payment Systems and Account Information: Stricter rules are introduced regarding access to payment systems and account information. This aims to promote competition and innovation in the financial industry. Payment Services Regulation (PSR): PSD3 includes a new PSR to improve consumer protection. The PSR will be directly applicable to EU member states, ensuring uniform implementation across the entire EU. Expanded Scope: PSD3 is expected to broaden its scope to cover new types of payment services, including emerging technologies like blockchain-based payments and virtual currencies. Better APIs: PSD3 aims to enhance open banking services by improving APIs, making it easier for consumers to securely share their data. Streamlined Authentication: The new directive aims to reduce friction during checkout by streamlining authentication processes. Direct Access to Payment Systems for Fintechs: PSD3 proposes granting fintech companies direct access to payment systems, fostering innovation in the industry.

15. 14 | SPUERKEESS.LU 14 | SPUERKEESS.LU Internal

16. Give Peace a Chance

17. 16 | SPUERKEESS.LU 16 | SPUERKEESS.LU Internal THANK YOU Copying,

    distributing or any other unauthorized use of the content of this presentation without the express prior written consent of Spuerkeess is strictly prohibited. Neither this presentation nor anything in it shall form the basis of any agreement or commitment. This presentation is not, and nothing in it should be construed as an individual or general offer, invitation or recommendation.