Latest Content

Integrating Office 365 with WSO2 Identity Server

This article discusses the challenges of deploying Microsoft’s Office's cloud solution into existing enterprise infrastructure and how to overcome these hurdles by using WSO2 Identity Server.

Open Banking: Creating a System of Inclusion, Openness, and Trust for Mexico

Open banking is reaching global adoption. Regions like Singapore and Japan were strong advocates for open banking even before the Second Payment Services Directive (PSD2) regulation and they experienced tremendous success in doing so. Post PSD2, other countries like Mexico, Brazil, Hong Kong, Australia, and countries in the Middle East are coming up with open banking regulations. They are opening up their APIs in an effort to create a more open, competitive and customer-driven financial ecosystem.

Strong Customer Authentication and Dynamic Linking for PSD2

The Payment Services Directive 2 (PSD2) policy aims to open payment ecosystems to simplify online payments and reduce fraud by mandating strong customer authentication (SCA) for third-party providers (TPPs). SCA enforces the use of two-factor authentication (2FA), which requires users to verify their identities in two unique ways before giving access.

Fraud Detection: Making Open Banking a Safer Place


The Regulatory Technical Standards(RTS) specification, published by the European Banking Authority (EBA), takes into consideration the requirements of PSD2 article 98 to define when and how SCA needs to be applied. The final report of the draft RTS document[1] was released on February 23, 2017.

Artificial Intelligence Based API Security with WSO2 and PingIntelligence for APIs

APIs power digital transformation. They are invaluable for any organization’s employees, partners, customers, and other stakeholders to gain access to applications, data, and business functionality across the enterprise. As it’s a critical component in any large enterprise, many of them have built internal and external API strategies within their organizations. This includes ensuring security throughout the API ecosystem.

Successful Third Party Onboarding for Open Banking UK

The second Payment Service Directive (PSD2) requires banks to provide access to customer data through open APIs. Security is a crucial factor when exposing confidential customer data in this manner. Before allowing third-party providers (TPPs) access to consumer financial data, the bank must make sure that the data does not fall into the wrong hands. To make sure the applications accessing the data are secure, the application needs to be first registered with the bank.

Privacy By Design as a System Design Strategy

We live in a global village today. For instance, raw materials of a product may originate from several countries, the product may be designed in one country but assembled in another country, and sold all over the world. Banking is an ideal example of the present day global reality. Data sharing practices in the banking industry used to be very conservative and restrictive, but they have significantly changed now. Open banking initiatives in Europe, UK, and Australia aim to share and open banking data with other banks and institutions.

Digital Transformation for Businesses Using APIs

This article explains how a business can take maximum advantage of digital transformation to expand boundaries with the aid of APIs. It focuses on digitizing contracts, enabling service management, securing digital services, and facilitating customer-focused decision making among other things.

A Deep Dive of Transaction Risk Analysis for Open Banking and PSD2

This article will discuss the basics of Transaction Risk Analysis and how it affects strong customer authentication (SCA) in the second Payment Services Directive (PSD2) accounts/payments flows.

UMA 2 in Action: Part 2

This is the second part of our article series which explores practical use cases of User-Managed Access (UMA 2.0 or UMA 2). The primary focus of this article is to discuss a UMA 2 specification known as the Federated Authorization for UMA 2. This specification standardizes interactions among the authorization server (AS), the resource server (RS), and the resource owner (RO).