OBLY - PSD2 Compliance

OBLY (OpenBanking-ly) is our Payment Services Directive (PSD2) Compliance product built to Regulatory Technical Standards. OBLY is built on enterprise grade technical design which incorporates our experience and learnings based on working with Competition and Markets Authority (CMA9) UK banks since 2016 for their Open Banking Programmes. OBLY is not just a point PSD2 solution, its scalable enterprise solution for API Programs with a substantial focus on customer identity, authentication & security.

As per PSD2 directive, Sandbox is required to be fully available and compliant by 14th Mar 2019. As the deadlines are firm and tight along with the limited number of vendors and subject matter experts in the market is putting Banks under immense pressure. Banfico built OBLY, which can be readily deployed as standalone Sandbox on Cloud as its bundled with Mock Bank. It could be easily extended to meet full implementation requirements.

Our cutting-edge technology product can fast track your PSD2 programme and mitigate delivery risks associated with typical regulatory projects. OBLY includes custom components and commercially off the shelf (COTS) products integrated securely. These COTS products are globally adopted and already used in various UK banks.

OBLY Features

Major API standards supported

Support for Open Banking UK, NextGenPSD2, STET API standards and ability to create more API products for premium clients & also make it available to internal teams.

Access methods supported Redirect / Decoupled / Embedded flows

Support Security profile based on OBIE UK incorporating hybrid profile based on OpenID Connect. OBLY passes OIDC Conformance Suite of Open Banking UK including PS256. It also supports NextGenPSD2 OAuth2 protocol with dynamic scopes.

SCA compliant

Product supports integration for various authentication methods ranging from SMS OTP, Soft-token to biometric products in the market. Out of the box, OBLY provides smartphone-based Multi-Factor Authentication and dynamic linking in all authentication flows.

Consent Management

Support for PSU to manage their consents as per PSD2, further it provides integration to update permission on existing electronic channels like internet & mobile banking.

API Management & Developer portal

Excellent support for the developer onboarding and clean dashboard with analytics on API products usage. Monetisation support for Premium APIs is also available.

Cloud-powered or On-premise

OBLY can be deployed on cloud providers like AWS, Azure & GCP or on-premises for banks with restrictions to go cloud.

Built with modern DevOps practice

Support for Open Banking UK, NextGenPSD2, STET API standards and ability to create more API products for premium clients & also make it available to internal teams.

Built with best of fit enterprise-grade products

OBLY uses products from vendors like Ping Identity & IBM for core IAM and API management capability respectively.

OBLY addresses major PSD2 functional areas with commercially off the shelf offerings from vendors who are leaders in the market. Our product embodies:

Ping Identity suite for Identity & Access Management

IBM API Connect for all API Management requirements

Splunk for all Audit, Logs, Security Information & Event Management

Whitepaper

Please download a whitepaper to learn more about our PSD2 Compliance Capability provided us.

GET WHITEPAPER