itb-au logo
Story image

Ping Identity launches new CDR sandbox for Aussie financial sector

Ping Identity has released its Australian Consumer Data Right (CDR) sandbox environment, with the goal to fast track open banking adoption in the country, and allow banks and FinTech companies to accelerate their CDR compliance efforts.

Under CDR rules, financial institutions must provide customers with greater access and control of their data. The aim is to make it easier for consumers to switch between products and services and to encourage more competition between service providers.

For tier one banks and large financial institutions, CDR-compliant data sharing needs to be in place by July 1. However, because of the pressures caused by the COVID-19 pandemic, tier two banks and smaller firms have been granted an extension until July 2021.

The CDR sandbox provides a pre-built development environment to get started without the need for custom development. It allows banks and FinTechs to focus on their core business working with customer data via the CDR APIs and leaves the complex InfoSec and user consent requirements to Ping Identity.

It is a DevOps-driven environment, built on Ping technology, that includes the major technical and user experience requirements of the CDR specification version 1.2.

This includes an implementation of the CDR InfoSec specification, which is based on the Financial-Grade API (FAPI) specification that Ping Identity has contributed to; a mock ACCC registry, supporting fintech registration and maintenance services; and an implementation of the CDR data sharing APIs, using Biza.ios DeepThought CDR API implementation.

It also includes a sample Data Holder (bank) web application, demonstrating authentication, authorisation, token creation, and user consent; and a sample Data Recipient (fintech) web application, showing the end user experience in creating a data sharing arrangement with a Data Holder, and the display of transaction data based on CDR-compliant API calls to the Data Holder, on behalf of the end user.

The CDR continues to evolve, and Ping Identity will continue to update the sandbox accordingly, the company states. As an additional benefit, it is a flexible platform for future digital transformation that can be used for other identity security projects across the enterprise.

The latest offering builds on Ping Identity’s previous successes worldwide in Open Banking, where the company became the provider of the first identity platform to pass all 70 technical security tests with zero warnings.

Ping Identity APAC CTO and member of the Data Standards Body, the advisory committee for the CDR, Mark Perry, says, “This is a significant release for the Australian financial services market. Our customers have been under a great deal of pressure to make technology purchasing decisions for CDR compliance.”

CDR is a technical specification developed as a multi-industry open standard by Data61 and the ACCC with industry collaboration.

It leverages FAPI, OAuth 2.0 and OpenID Connect (OIDC) to define additional technical requirements for the financial industry and other sectors requiring higher security.

For banks specifically, CDR provides various advantages, enabling third-party applications to securely interact with financial accounts, while also enhancing the users ability to control security and privacy settings, without insecure sharing of the users banking credentials (screen-scraping).

In the future, the CDR will expand to cover other industries like energy with a similar security model and other industries are likely to follow, Ping Identity states.

Link image
Say goodbye to outages and performance outages with server monitoring
Stop wondering which processes or services are causing a server spike. Analyze the performance of Windows services and Linux processes to understand their load on system resources and perform start, stop, and delete actions while on the go with a dedicated mobile app.More
Download image
NFV: The go-to method for simplifying corporate networks
The case for NFV is clear: according to responses from more than 1300 IT and networking professionals around the world, 57% say their organisations has deployed or plans to deploy NFV.More
Link image
Keep $1.6 million in your pocket with stronger network visibility
You actually can run your network at full throttle without running risks. If you don’t believe it, this guide will empower your network IT choices.More
Story image
Cohesity named top vendor in unstructured data management.
GigaOm cited Cohesity's end-to-end solution designed to tackle data and app challenges in modern enterprises. More
Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More
Link image
Get real: AI and its business impact under the spotlight
In a world overrun with hype, you need to find real solutions that drive real business impact, and real results for customers.More