Webinar

PSD2: Ensuring a seamless payments journey, connecting APIs and ISO 20022

#xmldationwebinar

Hosts

Tricia Balfe, COO, XMLdation Ireland

triciabalfe

Jarkko Leppälahti, CEO

jarkkoleppalahti

@api_lifecycle

Content

PSD2 background

ISO 20022 usage and adoption

JSON APIs and ISO 20022 XML

PSD2 Background

PSD2 Overview

Main purpose : open up market for payments services

Banks must provide 3rd party access to payment initiation and account information services

• Under well-defined conditions

Defines policy, doesn’t set technical direction

Useful explanation • https://www.starlingbank.com/explaining-psd2-without-tlas-

tough/

PSD2 Timeline

Jan 2018 :

• PSD2 transposed to national law

Sept 2018 :

• earliest date for security aspects

http://digitalbaobab.com/wp-content/uploads/2016/02/psd2-timelines.pdf

Technology

RESTful JSON APIs are a natural choice

Wide adoption in other industries, simplicity is key

Used by Fintech, and in Digital and API Programmes at banks

Used by Challenger banks

Aggregators

Standards-related Activity

http://www.berlin-group.org/open interoperability standards and harmonisation initiative, the NextGen PSD2 Taskforce

https://www.caps-services.com/open framework realising the regulatory intent of PSD2 (aggregator)

https://www.abe-eba.eu/thought-leadership/regulatory-guidance/New publications in early 2017

Non-PSD2 : UK CMA Open Bankinghttps://www.gov.uk/government/news/cma-paves-the-way-for-open-banking-revolutionStandards sometime in 2017

(There is also work ongoing in security)

ISO 20022 Usage and Adoption

What is ISO 20022?

Standard for Financial Messaging, iso20022.org

Agreed vocabulary for financial services & financial data exchanged between parties

• Uses XML currently

• Can use other syntaxes e.g. ASN.1

• Plans to publish JSON syntax in 2017 ??

Growing global adoption

https://www.iso20022.org/adoption.page, April 2016

SEPA and CGI-MP corporate to bank, including account statements; SEPA bank to bank;SEPA instant payments, Nov 2016, http://www.europeanpaymentscouncil.eu/index.cfm/sepa-instant-payments/sepa-instant-credit-transfer-sct-inst/European Target2SPayments Canada, 2020US Chips, high value payments, 2020Etc

JSON APIs and ISO 20022

ISO 20022, SEPA, SEPA Instant Payments etc

API Platform

JSON APIs

Core Banking Platforms

Integration Middleware

Mobile Apps Mobile Apps

API Platform

Core Banking Platforms

Integration Middleware

JSON APIs

Bank payment systems increasingly ‘speak’ ISO 20022APIs and ISO 20022 payments infrastructure will coexist

Following ISO 20022 Best Practices

ISO 20022 solves longstanding issues

• E.g. remittance information

Has an agreed vocabulary forfinancial domain

https://www.swift.com/file/23901/download?token=izEXYBlb

Aligning JSON APIs and ISO 20022

XS2A Example: account statement

Example account details in JSON

ISO 20022 camt.053 XML, account statement

Simplicity

Simplicity is critical for APIs

Direct mapping of ISO 20022 will be too complex

“Basic” ISO 20022 XML pain.001 credit transfer : 110 lines

Simplicity – Detailed Example

InitgPty / Initiating Party in ISO 20022 = company initiating a credit transfer

ISO 20022 XMLDirectly Mapped JSON : longwinded

The essentials in JSON : much simpler

Useful precedents e.g. Currency

Notes:

A simplistic API might ‘assume’ a currency value

ISO 20022 mandates that you explicitly define currency

ISO 20022 follows a standard for currency codes (ISO 4217)

Previous SWIFT MT standard combined currency and amount in a single field:

• makes life difficult for developers

From SWIFT MT940 : earlier generation of account statements, still in

widespread use

ISO 20022 XML Corresponding JSON

(D/C Mark)(Date)(Currency)(Amount)

Other examples….

Consider using credit / debit indicators, not negative amounts

Remittance information : limitations on characters (latin, cyrillic etc)

Structure of postal addresses

IBANs and BICs, and when they are required

Standard for identifying countries and bank transaction codes

Etc…

Advice on getting started

Review APIs against ISO 20022 thoughtfully• What fields are important in ISO 20022

• What fields should be mapped directly

• What business rules need to be honoured (ISO 20022 & bank)

• Keep simple, align where reasonable

Careful mapping will facilitate interoperability

Monitor standards activities around APIs

XMLdation PSD2 / API Offering

SaaS platform for managing API definitionsWith automatic generation of API validation policies, test components and

Developer Portal content from a single source

PSD2 Consultancy

Advising / supporting bank teams to reach PSD2 compliance and launch Fintech partnership programmes

Bank Challenges

PSD2 Compliance

Bank Programme Tracks

Time to Market

Business of APIs

API Layer Access and Identity

API Integration to Backend

End to End Testing

Partnership Model

Developer Supports

Benefits

XMLdation API Offering

Product

Management

IT

dev &

testing

API Project

Onboarding

& support

Client

Business

development

API definition management

Onboarding

Developer Services

Production Systems

API Validation Policies

Test Automation Framework

Test Components

Bank IT Environment

• XMLdation is a world leader in end-to-end testing of standardised financial transaction messages : ISO 20022, SWIFT MT, JSON APIs

• Our innovative Software-as-a-Service assists banks, e-invoicingproviders, clearing houses, financial software vendors in theimplementation, testing and maintenance of transaction messages.

• XMLdation service is used by more than 20 banks in over 50 countriesworldwide

• Headquartered in Tampere, Finland; Office in Cork Ireland

• Established in 2009

• Video http://myxml.is/offering16

@api_lifecycle @xmldation

Next PSD2 WebinarThursday Feb 16, 2017Tuesday Mar 21, 2017

PSD2: Implementing APIs that interoperate with ISO 20022

More on API / ISO 20022 alignment

Defining ‘ISO 20022’ business rule policies for APIs

Applying ISO 20022 policies on an API platform

Wrapup

Register for upcoming webinars

http://www.xmldation.com/en/company/events-list

Webinar slides

Slides will be posted to website after webinars. You will receive a link by email.

Getting started with PSD2

Drop us an email at xmldation@xmldation.com, and we’ll help