unleashing the api economy for banking payment … the api economy for banking payment services...

1

A New Era of Thinking

© 2016 IBM Corporation

Unleashing the API Economy for BankingPayment Services Directive 2 (PSD2)

IBM BusinessConnectA new era of thinking

Richard GamblinDigital Transformation Architect | European Technical [email protected] | @RichGx

Emmanuel TrenyEuropean Sales Leader for the Mobile & API [email protected] | @ETreny

2


2 | A New Era of Thinking

Session Themes

| BankingPSD2

3


3

Way we interact with our customers is constantly evolving

How we understand our data from simple queries to deep Q&A and cognitive insights

Where we run our workloads does not matter any more

4


4

Organizations are undergoing digital transformation

I don’t know 2%

No 10%

Yes 88%

Organizations undergoing digital transformation

Benefits of digital transformation

75%Lift in

engagement

63%Improved customer

satisfaction

53%Higher traffic

46%Greater

conversions49%Increased lead gen /

sales

5


5

New faces in Bank Industry

Non-bank entrants

Branchlessbanks

New payment models

New depository

6


6

CxOs expect industry convergence to have the largest impact on their business

Industry convergence

The “anywhere” workplace

Rising cyber riskThe redistribution of consumer purchasing powerThe sustainability imperativeAlternative finance and financing mechanismsThe sharing economyTotal CEO CFO CHRO CIO CMO COO

70%

60%

50%

40%

30%

20%

10%

0%

Top trends to impact business (in 3 to 5 years)

Source: IBM Institute for Business Value

7


7

DIGITAL

8


8

Unlock enterprise investments for competitive advantage

Unlock Existing Enterprise IT Investments

Exposed as APIs

Self Service Consumed by Developers

To Develop new Innovative Apps

and Services

Delivering Differentiated

B2C, B2B, B2E Experiences

9


9

10


10

IBM enables hybrid architectures to speed digital transformation

11


11

What will be your API strategy ?

Securely expose systems of record

Apps and data to Mobile, IoT, &

hybrid cloud apps

Foster new initiatives to best serve the publicIncrease public

benefits using new data & algorithms

Speed application development

Via self service library of reusable

APIs

Publish APIs to expand brand

reach

Tap into developer, partner ecosystem and other agencies

12



Session Themes

| BankingPSD2

13


13

§ Extension of scope (one leg payments) and removal of exemptions in comparison with PSD

§ Better customer protection

§ Strong (2-factor) customer authentication

§ Third Party Providers (TPPs) and access to the account (XS2A)- Account information services (AIS)- Payment initiation services (PIS)

§ Access for (non-bank) PSPs to payment schemes/systems

§ Extension transparency & provisioning information by PSPs

IBM Banking

PSD2

PSD2 Overview

14


14

Key points

Josh can access all of his ‘payment’ accounts via the

aggregator

The 3rd party may access + cache data even when Josh is

not using the app

Account providers cannot charge for access.

Accessing account information

Josh

Bank BBank A Credit CardProvider

Josh

Today PSD2

BuildingSociety


BuildingSociety

Third Party

15


15

Josh


Josh

Today PSD2

What are banks exploring?

With this disintermediation, who owns the relationship

with the customer?

How does this affect functional capabilities of front-

office systems? And, future investments in further

developments?

Why should we make it easy for the aggregator?

Accessing account information

BuildingSociety


BuildingSociety

Third Party

16


16

Key points

Josh needs to enter/ save his card details with the merchant

The merchant needs to demonstrate PCI-DSS

compliance

All parties involved in the payment processing chain

charge a fee

Paying for goods today

Josh

Buyer’s BankCard Schemes/ Networks Merchant’s Bank

Merchant1. Purchase

3.

4.

2 Acquirer

5

6. It’s on it’s way!

17


17

Key pointsJosh did not enter any card details

His experience of buying a product with a merchant had less “friction”

3rd Party authorised by Josh initiated the payment instruction

3rd Party can prove that Josh carried out the transaction

Traditional acquirers and card networks were not involved (Merchant paid less fees)

Money is pushed out of Josh’s account(s) rather than being pulled.

IoU is trusted by the Merchant

The account providers did (could) not charge the 3rd party

Buyer’s Bank Merchant’s Bank

2. Payment instruction

1. Purchase


2. Payment request

4. Payment Confirmation

JoshMerchant

PSD2 enables additional options for paying for goods online

Third Party

5. Confirmation to 3rd Party

6. Confirmation to Merchant


18


18

Buyer’s Bank Merchant’s Bank


1. Purchase


2. Payment request

4. Payment Confirmation

JoshMerchant

PSD2 enables additional options for paying for goods online

Third Party

5. Confirmation to 3rd Party

6. Confirmation to Merchant


What are banks thinking?

What proportion of payments will flow through the new PSD2 route?

How do we continue to generate payment services revenue?

Why would Josh use a payment initiator vs. existing services?

Who does Josh trust? For payments?

What are the value-added payment services?

What partnerships do we need to form?

19


19

TPP = Third Party ProviderXS2A = Access to account

Customer)Channel

Account) owner

Accounts Payments

Account'info Payment'info

Accounting'

info

FraudDetection

API$ChannelCustomer$Channel

Account$ owner

Accounts Payments

Account'infoPayment

info

Accounting'

info

XS2AAdmin

TPP

FraudDetection

Josh Josh

Scope of PSD2 : Functional component overview

Third Party

20


20

SecurityIT

Infrastructure

Culture Open Banking Ecosystem

Technology

Business

Implications of PSD2

21


21

APIsSecurity –Identity,

Federation, Key and Token Mgmt

Regulatory Reporting

Digital Capabilities

Test Automation

Customer Grievance

Data Dictionary

Data Governance

SOA,Micro-Services

Faster Payments

Ecosystem and Partnerships

Client Experience (as a third party

and end-customer)

Accounting

Fraud ManagementRisk Management

Support Centre for Third Parties

3rd party on-boarding

devOps, Agile delivery

Cloud based platforms

Data Quality

AISP Offering

PISP Offering

Legal

SLA Management

Sandboxing

Business

Technology

Business and Technical Capabilities Required to Implement PSD2

22


22

Overview of IBM’s Solutions

Infrastructure

Strategy

Innovation&

Delivery

Security

Software&

Accelerators

IndustrySolutions

PSD2

• API Connect

• z/OS Connect

• PSD2 accelerator APIs

• Industry models

• Payment Gateway + Wallet

• Financial Transaction Manager

• Safer Payments

• PSD2 Impact and Readiness Assessment

• Strategy Development

• Digital Thinking & Design

• MobileFirst and Apple + IBM

• Digital Integration Factory

• Architecture Development

• Cloud (IaaS, PaaS, SaaS)

• IBM Bluemix

• IBM Technology Labs

• Device Management & Security

23



Reference materials Contact us

• IBM PSD2 Landing Page [link]

• IBM PSD2 White Paper [link]

• IBM API Economy [link]

• IBM API Connect [link]

• IBM z/OS Connect Enterprise Edition [link]

Richard GamblinDigital Transformation Architect | European Technical [email protected] | @RichGx

Emmanuel TrenyEuropean Sales Leader for the Mobile & API [email protected] | @ETreny

24



Additional materials

25


IBM API Connect: Simplified & comprehensive API foundationClient Need• Expand reach and revenue in the

Digital economy• Securely unlock existing IT assets • Deliver innovative apps with modern

architectures

IBM Offers • An API foundation to Create, Run,

Manage & Secure new or existing APIs and Microservices in a hybrid deployment with Node.js and Java to power modern digital applications

Client Value• Enable new business models in

new ecosystems• Realize new ROI via secure reuse

of existing IT assets• Achieve faster innovation via self-

service access to APIs

IBM Differentiators• Create & Run with Node.js and Java

for end-to-end API lifecycle with market leading gateway

• Discovery & creation of APIs from existing systems of records

• Hybrid deployment flexibility

Create Run

ManageSecure

26


• API discovery• API, Plan & Product policy creation• API, Plan & Product lifecycle mgmt.• Self-service, customizable, developer portal• Advanced Analytics• Subscription & community mgmt.

• Policy enforcement• Enterprise security• Quota management & rate limiting• Content-based routing• Response caching, load-balancing and offload processing• Message format & transport protocol mediation

• Rapid model-driven API creation• Datasource to API mapping automation• Standards-based visual API spec creation in Swagger 2.0• Local API creation and testing• On-cloud & on-premises staging

of APIs, Plans & Products

• Node.js & Java Microservice runtime• Node.js & Java integrated runtime management• Enterprise HA & scaling• On-cloud & on-premises staging of Microservice

applicationsCreate Run

ManageSecure

IBM API Connect: Capabilities

27


IBM API Connect and PSD2

• TPP Self Service developer portal• XS2A API Creation• XS2A API Security• Hybrid Deployment model for maximum

scalability• XS2A API Lifecycle Management• XS2A API Analytics

28© 2016 IBM Corporation |28© 2016 IBM Corporation

Client Need• Discover and consume z/OS services as full REST APIs• Complete abstraction from data and underlying transaction details• z/OS Connect Enterprise Edition is IBM’s strategic REST API Gateway

in to z/OS subsystems: CICS, IMS, DB2 z/OS & WAS z/OS

z/OS Connect EE Capabilities• Self-service discovery of z assets as a set of REST APIs• Convert in-bound REST calls into native calls for:

o CICS, IMS, DB2, WAS and MQo Handling protocol & data conversion

• Full exploitation of z/OS Security• zCEE works hand in hand with API Connect to simplify the

governance, security and ease of consumption of z/OS subsystems

Payments

CICS

IMS

WebSphere

DB2

z/OS Connect Enterprise Edition

IBM z/OS Connect Enterprise Edition: REST APIs into Payments

unleashing the api economy for banking payment … the api economy for banking payment services...

Documents