Staying competitive in the Financial Services (FiServ) industry requires a steely focus on providing a faster, easier, more personalized, and more secure customer experience than your competitors. And it all starts with your registration, identification and authorization policies and processes.
It is crucial that your identity and access management (IAM) platform covers a wide range of cutting-edge capabilities to provide secure and frictionless user experiences, leading to faster registration, social sign-in, comprehensive privacy policy management and consent, and password-less/strong authentication. In addition, given OAuth forms the security backbone for your Open API Marketplace, the IAM platform must be OpenID and Financial API-certified.
A confluence of all of these equal happy, loyal customers.
Ready to Cross Borders?
That’s the question that the OpenID Foundation, the standards body specializing in identity, asks in their new white paper on enabling open banking. The paper’s author describes the mission: “The OpenID Foundation’s vision is to help people assert their identity wherever they choose, and to deliver on that vision by leading the global community in creating identity standards that are secure, interoperable, and privacy preserving.”
As consumers (and by-the-way, in most B2B scenarios as well) we demand more specialized services from organizations and FiServ firms that require us to expose, possibly, our entire financial footprint – account transactions, mortgages, investments, etc. Open Finance is an initiative to protect consumer data and to regulate organizations with access to such data. This includes Open Banking, an initiative that regulates organizations that are external to banks that offer services requiring payments through banks and specialized platforms, such as credit scoring requiring account transaction information.
At its core, Open Finance and Open Banking regulate banks and third-party institutions that take advantage of Open API platforms provided by banks.
IBM Security Verify…Ready to Protect Open APIs
IBM Security Verify is our modern, modular solution providing deep, AI-powered context for both consumer and workforce identity: single-sign-on, password-less and multi-factor authentication, risk-based authentication, and identity governance with a low-friction, cloud-native, software-as-a-service (SaaS) approach.
The solution also provides a comprehensive set of security capabilities that extends across the different dimensions required for a successful Open Finance implementation:
- Third-party regulation and provisioning – Third-party applications may register with the bank as a party that is authorized to access specific services, such as payment. This is achieved through a registration process with a regulatory body and using OAuth standards, such as dynamic client registration.
- Secure token management and issuance – The Open API platform and services are protected using OAuth tokens. These must be issued using advanced OAuth flows and must be sender-constrained to prevent copying and proliferating the issued tokens.
- User consent – The core of Open Finance is requiring fine-grained consent to authorize data sharing and payment transactions. Verify enables the ability to author purpose-of-use-driven control policies designed for the privacy and compliance officer in the bank. In addition, consent statements are detailed and can contain custom metadata to further enrich these statements.
- Secure customer authentication – Verify offers strong and passwordless authentication options, including modern technologies such as FIDO2 and push biometrics.
In addition to these capabilities, Verify strengthens access to these sensitive services by providing:
- Financial fraud prevention using advanced adaptive access controls that leverage machine learning models designed for this purpose.
- Threat detection and response assistance built into the product and platform to detect anomalous patterns and take near-immediate corrective action.
IBM Security Verify is certified with the OpenID foundation to support Financial Grade API (FAPI). This includes region-specific certifications, such as Australia Consumer Data Rights, Brazil Security Working Group, EU General Data Protection Regulation (GDPR,) European Payment Services Directive (PSD2,) and UK Open Banking Initiative (OBIE).
For more information on IBM Security Verify and to try the free trial, see https://www.ibm.com/verify/verify-identity.
For more information on the OpenID Foundation, see www.openid.net.