<div dir="ltr">Open Banking (see the website of its UK government-mandated Implementation Entity <a href="https://www.openbanking.org.uk">here</a>) is a regulation requiring at least the UK's biggest nine banks (the "CMA9", CMA standing for Competition Market Authority) to present a standard set of APIs to foster a payment initiation and account information application ecosystem, for giving customers choice. The open APIs in effect disintermediate credit card issuers and enable the use of bank accounts directly as payment instruments for things like paying Amazon (as a third-party client app) for buying an item etc. The OB approach and specs, which work with the OpenID Foundation's Financial API (<a href="http://openid.net/wg/fapi/">FAPI</a>) WG's specs, discourage "screen scraping" and encourage the by-now-familiar OAuth and OpenID Connect pattern of having the client app offer for the user to identify, and authenticate at, and authorize action through, a service (the bank). The regulation mandates "SCA", Strong Customer Authentication. The FAPI profiles are like a much more detailed, thorough, and restrictive version of the profiles we have put together, targeted at a much more detailed, specific, and demanding regulatory environment. OB operates in a broader EU regulatory context, PSD2 (Payment Services Directive 2). There is currently a "NextGenPSD2" effort being undertaken by The Berlin Group; a <a href="https://www.berlin-group.org/nextgenpsd2-conference-2017">conference</a> was held two days ago to start to collect input towards that.</div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<p><b>Eve Maler<br></b>ForgeRock Office of the CTO | VP Innovation & Emerging Technology<br>Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl</p></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Fri, Oct 27, 2017 at 8:15 AM, Adrian Gropper <span dir="ltr"><<a href="mailto:agropper@healthurl.com" target="_blank">agropper@healthurl.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I'm new to Open Banking. Is it related to Distributed Public Ledgers? Can someone provide a bit more description and color? </div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Fri, Oct 27, 2017 at 7:53 AM, Debbie Bucci <span dir="ltr"><<a href="mailto:debbucci@gmail.com" target="_blank">debbucci@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div><div><div><div><div><div>Hello Everyone,<br><br></div>Now that the fall conferences are winding down and the UMA 2.0 spec is nearing completion, we would like to start up the HEART WG for a few session/discussion and see where it might go from there. Given the holiday seasons, starting Nov 6th seems to minimize holiday interruptions.<br><br></div>On the short list of topics/potential actions ...<br><br></div>1. Updating the UMA related profiles to reflect UMA 2.0<br></div>2. Given recent action of Open Banking and better understand of the SMART profiles, I do think we missed the mark by not including public clients in the specs. SMART (assumed trusted environment ) and Open Banking (probable us by 3rd party API) have different perspectives. Perhaps it referencing/Leveraging/alignin<wbr>g with other OpenID Profiles -- FAPI, igov, EAP (?)</div><div><br></div><div>If you are interested and have other topics - updates to the profile we should consider - please post to the list.</div><div><br></div><div>Thanks in advance<br></div></div></div>
<br></div></div>______________________________<wbr>_________________<br>
Openid-specs-heart mailing list<br>
<a href="mailto:Openid-specs-heart@lists.openid.net" target="_blank">Openid-specs-heart@lists.openi<wbr>d.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-heart" rel="noreferrer" target="_blank">http://lists.openid.net/mailma<wbr>n/listinfo/openid-specs-heart</a><br>
<br></blockquote></div><span class="HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div class="m_-243628433452939273gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><br><div dir="ltr">Adrian Gropper MD<span style="font-size:11pt"></span><br><br><span style="font-family:"Arial",sans-serif;color:#1f497d">PROTECT YOUR FUTURE - RESTORE Health Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d"><br>HELP us fight for the right to control personal health data.</span></div><div dir="ltr"><span style="color:rgb(31,73,125);font-family:Arial,sans-serif;font-size:10pt">DONATE: </span><span style="font-family:Arial,sans-serif;font-size:10pt;color:blue"><a href="https://patientprivacyrights.org/donate-3/" style="color:rgb(17,85,204)" target="_blank">https://<wbr>patientprivacyrights.org/<wbr>donate-3/</a></span></div></div></div></div></div></div></div></div></div>
</font></span></div>
<br>______________________________<wbr>_________________<br>
Openid-specs-heart mailing list<br>
<a href="mailto:Openid-specs-heart@lists.openid.net">Openid-specs-heart@lists.<wbr>openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-heart" rel="noreferrer" target="_blank">http://lists.openid.net/<wbr>mailman/listinfo/openid-specs-<wbr>heart</a><br>
<br></blockquote></div><br></div>