IBM BusinessConnect A new era of thinking Unleashing the API Economy for Banking Payment Services Directive 2 (PSD2) Richard Gamblin Digital Transformation Architect European Technical Leader richard.gamblin@uk.ibm.com @RichGx Emmanuel Treny European Sales Leader for the Mobile & API Economy emmanuel.treny@fr.ibm.com @ETreny 1 2016 IBM Corporation
Session Themes PSD2 Banking 2 A New Era of Thinking
Way we interact with our customers is constantly evolving How we understand our data from simple queries to deep Q&A and cognitive insights Where we run our workloads does not matter any more 3
Organizations are undergoing digital transformation Yes 88% No 10% I don t know 2% 75% Lift in engagement 49% Increased lead gen / sales 63% Improved customer satisfaction 46% Greater conversions 53% Higher traffic Organizations undergoing digital transformation Benefits of digital transformation 4
New faces in Bank Industry Non-bank entrants Branchless banks New payment models New depository 5
CxOs expect industry convergence to have the largest impact on their business Top trends to impact business (in 3 to 5 years) Total CEO CFO CHRO CIO CMO COO 70 % 60 % 50 % 40 % 30 % 20 % 10 % 0 % Industry convergence The anywhere workplace Rising cyber risk The redistribution of consumer purchasing power The sustainability imperative Alternative finance and financing mechanisms The sharing economy Source: IBM Institute for Business Value 6
DIGITAL 7
Unlock enterprise investments for competitive advantage Exposed as APIs To Develop new Innovative Apps and Services Unlock Existing Enterprise IT Investments Self Service Consumed by Developers Delivering Differentiated B2C, B2B, B2E Experiences 8
9
IBM enables hybrid architectures to speed digital transformation 10
What will be your API strategy? Speed application development Securely expose systems of record Publish APIs to expand brand reach Foster new initiatives to best serve the public Via self service library of reusable APIs Apps and data to Mobile, IoT, & hybrid cloud apps Tap into developer, partner ecosystem and other agencies Increase public benefits using new data & algorithms 11
Session Themes PSD2 Banking 12 A New Era of Thinking
PSD2 Overview Extension of scope (one leg payments) and removal of exemptions in comparison with PSD Better customer protection Strong (2-factor) customer authentication Third Party Providers (TPPs) and access to the account (XS2A) - Account information services (AIS) - Payment initiation services (PIS) PSD2 Access for (non-bank) PSPs to payment schemes/systems Extension transparency & provisioning information by PSPs IBM Banking 13 13
Accessing account information Today Josh PSD2 Josh Third Party Key points Josh can access all of his payment accounts via the aggregator The 3 rd party may access + cache data even when Josh is not using the app Bank A Bank B Building Society Credit Card Provider Bank A Bank B Building Society Credit Card Provider Account providers cannot charge for access. 14 14
Accessing account information What are banks exploring? Today Josh PSD2 Josh Third Party With this disintermediation, who owns the relationship with the customer? How does this affect functional capabilities of frontoffice systems? And, future investments in further developments? Bank A Bank B Building Society Credit Card Provider Bank A Bank B Building Society Credit Card Provider Why should we make it easy for the aggregator? 15 15
Paying for goods today 6. It s on it s way! Key points Josh needs to enter/ save his card details with the merchant Josh 1. Purchase Merchant 2 Acquirer 5 The merchant needs to demonstrate PCI-DSS compliance Buyer s Bank 4. Card Schemes/ Networks 3. Merchant s Bank All parties involved in the payment processing chain charge a fee 16 16
PSD2 enables additional options for paying for goods online 17 Josh 3. Payment instruction Buyer s Bank 2. Payment instruction 5. Confirmation to 3 rd Party 4. Payment Confirmation 7. It s on it s way! 1. Purchase Third Party 2. Payment request Merchant 6. Confirmation to Merchant Merchant s Bank Key points Josh did not enter any card details His experience of buying a product with a merchant had less friction 3 rd Party authorised by Josh initiated the payment instruction 3 rd Party can prove that Josh carried out the transaction Traditional acquirers and card networks were not involved (Merchant paid less fees) Money is pushed out of Josh s account(s) rather than being pulled. IoU is trusted by the Merchant The account providers did (could) not charge the 3 rd party 17
PSD2 enables additional options for paying for goods online Josh 3. Payment instruction 2. Payment instruction 7. It s on it s way! 1. Purchase Third Party 2. Payment request Merchant 6. Confirmation to Merchant What are banks thinking? What proportion of payments will flow through the new PSD2 route? How do we continue to generate payment services revenue? Why would Josh use a payment initiator vs. existing services? 5. Confirmation to 3 rd Party Who does Josh trust? For payments? Buyer s Bank 4. Payment Confirmation Merchant s Bank What are the value-added payment services? What partnerships do we need to form? 18 18
Scope of PSD2 : Functional component overview Josh Account) owner Josh Account$ owner Third TPP Party Customer)Channel Customer$Channel API$ Channel XS2A Admin Account'info Accounts Accounting' info Payment'info Payments Account'info Accounts Accounting' info Payment info Payments Fraud Detection Fraud Detection TPP = Third Party Provider XS2A = Access to account 19 19
Implications of PSD2 Culture Ecosystem Open Banking Security IT Infrastructu re Technology Business 20 20
Business and Technical Capabilities Required to Implement PSD2 Risk Management Ecosystem and Partnerships Fraud Management PISP Offering Customer Grievance Client Experience (as a third party and end-customer) AISP Offering Business Accounting Regulatory Reporting Support Centre for Third Parties Legal Digital Capabilities Faster Payments Cloud based platforms APIs Security Identity, Federation, Key and Token Mgmt 3rd party onboarding SLA Management Data Governance Test Automation Data Quality Technology SOA, Micro-Services Data Dictionary devops, Agile delivery Sandboxing 21 21
Overview of IBM s Solutions PSD2 Impact and Readiness Assessment Strategy Development Digital Thinking & Design MobileFirst and Apple + IBM Digital Integration Factory Architecture Development Innovation & Delivery Strategy PSD2 Industry Solutions API Connect z/os Connect PSD2 accelerator APIs Industry models Cloud (IaaS, PaaS, SaaS) IBM Bluemix Infrastructure Software & Accelerators Payment Gateway + Wallet Financial Transaction Manager Safer Payments IBM Technology Labs Device Management & Security Security 22 22
Reference materials IBM PSD2 Landing Page [link] IBM PSD2 White Paper [link] IBM API Economy [link] IBM API Connect [link] IBM z/os Connect Enterprise Edition [link] Contact us Richard Gamblin Digital Transformation Architect European Technical Leader richard.gamblin@uk.ibm.com @RichGx Emmanuel Treny European Sales Leader for the Mobile & API Economy emmanuel.treny@fr.ibm.com @ETreny 23 A New Era of Thinking
Additional materials 24 A New Era of Thinking
IBM API Connect: Simplified & comprehensive API foundation Client Need IBM Offers Expand reach and revenue in the Digital economy Securely unlock existing IT assets Deliver innovative apps with modern architectures An API foundation to Create, Run, Manage & Secure new or existing APIs and Microservices in a hybrid deployment with Node.js and Java to power modern digital applications Create Run Client Value IBM Differentiators Secure Manage Enable new business models in new ecosystems Realize new ROI via secure reuse of existing IT assets Achieve faster innovation via selfservice access to APIs Create & Run with Node.js and Java for end-to-end API lifecycle with market leading gateway Discovery & creation of APIs from existing systems of records Hybrid deployment flexibility 25
IBM API Connect: Capabilities Rapid model-driven API creation Datasource to API mapping automation Standards-based visual API spec creation in Swagger 2.0 Local API creation and testing On-cloud & on-premises staging of APIs, Plans & Products Create Run Node.js & Java Microservice runtime Node.js & Java integrated runtime management Enterprise HA & scaling On-cloud & on-premises staging of Microservice applications Policy enforcement Secure Enterprise security Quota management & rate limiting Content-based routing Response caching, load-balancing and offload processing Message format & transport protocol mediation Manage API discovery API, Plan & Product policy creation API, Plan & Product lifecycle mgmt. Self-service, customizable, developer portal Advanced Analytics Subscription & community mgmt. 26
IBM API Connect and PSD2 TPP Self Service developer portal XS2A API Creation XS2A API Security Hybrid Deployment model for maximum scalability XS2A API Lifecycle Management XS2A API Analytics 27
IBM z/os Connect Enterprise Edition: REST APIs into Payments Client Need Discover and consume z/os services as full REST APIs Complete abstraction from data and underlying transaction details z/os Connect Enterprise Edition is IBM s strategic REST API Gateway in to z/os subsystems: CICS, IMS, DB2 z/os & WAS z/os z/os Connect EE Capabilities Self-service discovery of z assets as a set of REST APIs Convert in-bound REST calls into native calls for: o CICS, IMS, DB2, WAS and MQ o Handling protocol & data conversion Full exploitation of z/os Security zcee works hand in hand with API Connect to simplify the governance, security and ease of consumption of z/os subsystems z/os Connect Enterprise Edition CICS IMS WebSphere DB2 Payments 2016 IBM Corporation 28 2016 IBM Corporation 28