TPIsoftware | API Management Platform

What is Open Banking?

Open banking originated in 2015 under The Revised Payment Services Direcctive of the EU. In August of the following year (2016), Britain first asked its 9 major banks to adopt the system, then in 2018 they introduced it forcefully. Afterwards other countries such as USA, Australia, and Singapore joined in creating related laws, encouraging the initiation of Open Banking in banks. This new campaign is also coming from Europe to Taiwan. In 2019, the Taiwan Financial Supervisory Commission finalized the introduction of Open Banking in Taiwan into three stages.

3 Phases of Open Banking in Taiwan

2019

Phase I

Public information

Open product information, like: exchange rates, mortgage interest, etc.

2020

Phase II

Personal information

Personal banking accounts and checking balances can be consolidated through a third party APP.

2021 Q1

Phase III

All information

Payment, transaction, and transfers, etc, can be done through a third party product.

3 Phases of Open Banking in Taiwan

As the campaign of Open Banking rises, digiRunner provides complete features of corporate level API management platform, provided with financial setups and third party platforms to use information with higher versatility. This not only creates a new buisness model, but also provides users a better experience through third party platform, increase market usage and ecosystem.

digiRunner realizes the three steps open banking standards.

digiRunner API managing platforms reflect the law requirements of open banking financial supervisory commission, by unifying stands and safety managing mechanism and accelerating extensive cooperation between financial industries and TSP industries, to achieve industrial reach and expland profit.

Traditional Banking VS Open Banking

Traditional banking Service reach centralized, little versatility, and higher user service conversion costs.

Consumer

Bank

Finance service

Traditional Banking VS Open Banking

Open banking In alliance with multiple industries, high versatitlity with service development, keeps the customer's needs closer.

Consumer

TSP

Finance service

Bank

Open information for each steps

Open information for each steps are included down below

TPI digiRunner helps create strategies for API platforms, allowing banks to be more flexible.

Step one-Publish open information

information consolidation
incease efficiency

digiRunner; API managing platforms have patented service that doesn't inhibit special features of hot deployment. Up to 50 percent of development speeds between platforms and th adjoining efficiency between downstream systems are increased. API's auto explore, immediate warning, transaction managing features can accomplish the safety management in transport layer, information layer, and behavior layer, allowing IT personnel not have to worry about the cyber security of the mainframe platform, and can directly authorize different systems directly from the platform, taking out the extra step to fix programming like in the past and greatly decreases management and maintenance time.

Step two-Publish personal information

authorization mechanism
Covering of everything

Comply with Open Banking API standards, personal information and transaction sensitive information are completely protected. From date transport layer (confidentiality, data integrity, source of information, unrepeatability), information layer (information completeness verification, encrytion on sensitive personal information, anti-hacking), behavior layer (OAuth2 verification mechanism and authorization timeliness, Client authorization and IP Check) all are protected from risks of cyber security to assist in provided Token mechanism, to efficiently manage API users which includes authorization mode and flow managment.

Step three-Publish transaction information

finance data
safe sharing

Through all-round digiRunner API, managing platform structures realize open banking's final purpose, under the users agreement, TSP affiliates can connect account payment, deduction, transaction through APP after integrating account infroamtion to really achieve "Finance date safe sharing," providing consumers a more complete fianancial experience.

Skill structure of safety standards

digiRunner's professional consultant team, assists in creating the skill structure that conforms with each countries Open Banking standards.

Skill structure of safety standards

digiRunner's professional consultant team, assists in creating the skill structure that conforms with each countries Open Banking standards.

Client

TSP affiliates

Bank

Bank or external examination

Non-encrypted HTTP

Encrypted HTTPS

Agent

1 Users initiate banking services

TSP verifies users

2 Process demonstration

Figure A

3 Return authorization form bank

Sends Authorization Code to TSP

7.3 Results returned

Return used API resource

TSP Server
Third party dealer

4 Demand saved authorization

Sends Authorization Code to bank portal

6 Authorization returned

Resends access_token

＊Picks JWE token

7.1 Demand access of information

Uses Access_token
Make use of API resources

OAuth Server
(Bank or APIM)

Resource
Server
APIM

5 External examination

Calls API external examination

7.2 Accessed resources

Access services provides by bank

Identity Sever
(Supports third party or bank verification Sever)

Backstage system bank services

Figure A

Communicates through TSP app and Oauth server

User login

1. Core screen pops out (outer URL)
2. User enters ID/PWD

Level/service selection

Open features based on level

3. Verfication successful, obtains TSP Server (Client); can now use Group List
4. Jumps to page providing User the option to provide agreement authorization

Enter verification code

Bank returns authorization permit

5.Obtain Authorization Code

When users authorize for TSP to process related bank information, no records of account username and password would be left behind or saved, rather only through user authorzation will related information be integrated.

How to select API managing platform?

When selecting a API managing platform, it not only raises the efficiency of enjoining APIs, it also greatly decreased internal personel's time in managing API. It's a indispensible helper in a time where both sides sare entering Open Banking. On the current market, API managing platforms all provide unification of interface formats and information encrypting features. Besides that, if platforms still provide graphical user interface, allowing anyone to learn how to operate immediately, it can save time in internal system familiraizaion and managment, also whether platforms can provide external cooperating partners the authorization to managing features, is also a hot top of consideration; in parts of identity verifaction and API authorization, what every coutry now reference is from Oauth2 standards to strenghten managment, therefore by selecting something that satisfies all ID verifcation methods and authorization standards of platforms can help financial setups and TSP save more time in developing related API.

API information security lock, API monitoring warning, API manage and authorization, API system integration

TPI digiRunner helps create strategies for API platforms, allowing banks to be more flexible.

Strengthen information security protections

ID verification that complies with Oauth2 standards and API authorization mechanism, interface format unification, information encryaption.

Elasticity increases service

Adjusting elasticity based on needs and expaning API application provies banking and financial industries more flexibility in using financial information and publishing API.

Keeping the users close

Graphical interfaces that are user friendly provides complete API managing analysis report.

Service security stable

Platforms have flow rate controls, cancelation of repeating transaction such unique mechanisms, to nsure service security stability is uninterupted.

Rich experienced examples

Native Taiwan manufacturers, riding on multiple years of service experiences, collecting industrial, law and science opinions, providing a complete API managing consulting experience.

TPIsoftware | API Management Platform | Open Banking

What is Open Banking?

digiRunner realizes the three steps open banking standards.

Skill structure of safety standards

Skill structure of safety standards

How to select API managing platform?

TPI digiRunner helps create strategies for API platforms, allowing banks to be more flexible.

Subscribe