O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
A Scribd passará a dirigir o SlideShare em 1 de dezembro de 2020A partir desta data, a Scribd passará a gerenciar sua conta do SlideShare e qualquer conteúdo que você possa ter na plataforma. Além disso, serão aplicados os Termos gerais de uso e a Política de Privacidade da Scribd. Se prefira sair da plataforma, por favor, encerre sua conta do SlideShare. Saiba mais.
The Great British API Client Bake Off #fapisum - Japan/UK Open Banking and APIs Summit 2018 - July 24, 2018
➢ Moneyhub, aggregation & the road to open banking
➢ Onboarding to the Open Banking Directory
➢ How we built our integration
➢ Lessons learnt
○ What went well
○ What went badly
Moneyhub, aggregation & the
road to open banking
● CTO at Moneyhub
● I’m an active contributor & now co-editor
of the FAPI specs
● FAPI WG Liaison Officer to UK
OpenBanking Implementation Entity
● UK Expert at ISO TC68 SC9/WG2 -
● Technical Representative for the Financial
Data & Technology Association
● Key proponent of the use of CIBA spec for
● Represent AISPs at OpenBanking & the
● UK Based Fintech established since 2011
● We build an intelligent financial assistant
and work with our partners to improve the
financial wellbeing of their clients
● Founding member of FDATA
● Active with the Open Banking Working
● Active in lobbying the CMA to require a
“common” OpenBanking API
● One of the first Account Information
Service Providers in Europe
The Road To OpenBanking
I’ve been a reluctant screen
scraper since 2013.
Nat Sakimura came to the UK in
June 2016shortly after starting
The timing was perfect &
thankfully we were able to get the
evolving FAPI security profile
adopted by UK Open Banking
Open Banking Directory
Identity Verification was the
Once onboard, it is excellent to
Certificate Authority & issuer of
software statement assertions.
Contains the well-known openid
configuration urls for all the
Well Known Uris
These are incredibly useful from
an implementation perspective.
Our implementation retrieves
these dynamically and can thus
cope with changing uris, or
response types, etc.
We hope that further discovery
metadata will be made available
in a similar way.
● Used certified open-source
implementation of OpenID
● Unfortunately had to fork the
code (temporarily) to deal with
non-conformance by the banks.
● Some of the banks are now fully
● We are in favour of certification
for OpenBanking relying
providers as well as the banks.
● One code base for OAuth 2
● Separate instance per financial
● Provider specific config and
specific “adapters” to work
around provider quirks
● Better than “shared library” or
● The auth part of any integration
is the hardest and most error
prone - FAPI conformance tests
help a lot.
Verifiable conformance is
● Reduces support costs
● Speeds up integration
● Reduces implementation costs
Don’t assume big banks have
automated test suites
● We acted as an (unpaid) QA function for many banks
● We are now pushing for regular runs of the
Standards & open source
● Connecting to standards based OpenBanking APIs has
been far easier than working with a commercial
provider that has proprietary APIs.
● Open Source standards compliant relying party
implementations increase security of the ecosystem
and lower costs for fintechs.