itb-au logo
Story image

Ping Identity launches new CDR sandbox for Aussie financial sector

Ping Identity has released its Australian Consumer Data Right (CDR) sandbox environment, with the goal to fast track open banking adoption in the country, and allow banks and FinTech companies to accelerate their CDR compliance efforts.

Under CDR rules, financial institutions must provide customers with greater access and control of their data. The aim is to make it easier for consumers to switch between products and services and to encourage more competition between service providers.

For tier one banks and large financial institutions, CDR-compliant data sharing needs to be in place by July 1. However, because of the pressures caused by the COVID-19 pandemic, tier two banks and smaller firms have been granted an extension until July 2021.

The CDR sandbox provides a pre-built development environment to get started without the need for custom development. It allows banks and FinTechs to focus on their core business working with customer data via the CDR APIs and leaves the complex InfoSec and user consent requirements to Ping Identity.

It is a DevOps-driven environment, built on Ping technology, that includes the major technical and user experience requirements of the CDR specification version 1.2.

This includes an implementation of the CDR InfoSec specification, which is based on the Financial-Grade API (FAPI) specification that Ping Identity has contributed to; a mock ACCC registry, supporting fintech registration and maintenance services; and an implementation of the CDR data sharing APIs, using Biza.ios DeepThought CDR API implementation.

It also includes a sample Data Holder (bank) web application, demonstrating authentication, authorisation, token creation, and user consent; and a sample Data Recipient (fintech) web application, showing the end user experience in creating a data sharing arrangement with a Data Holder, and the display of transaction data based on CDR-compliant API calls to the Data Holder, on behalf of the end user.

The CDR continues to evolve, and Ping Identity will continue to update the sandbox accordingly, the company states. As an additional benefit, it is a flexible platform for future digital transformation that can be used for other identity security projects across the enterprise.

The latest offering builds on Ping Identity’s previous successes worldwide in Open Banking, where the company became the provider of the first identity platform to pass all 70 technical security tests with zero warnings.

Ping Identity APAC CTO and member of the Data Standards Body, the advisory committee for the CDR, Mark Perry, says, “This is a significant release for the Australian financial services market. Our customers have been under a great deal of pressure to make technology purchasing decisions for CDR compliance.”

CDR is a technical specification developed as a multi-industry open standard by Data61 and the ACCC with industry collaboration.

It leverages FAPI, OAuth 2.0 and OpenID Connect (OIDC) to define additional technical requirements for the financial industry and other sectors requiring higher security.

For banks specifically, CDR provides various advantages, enabling third-party applications to securely interact with financial accounts, while also enhancing the users ability to control security and privacy settings, without insecure sharing of the users banking credentials (screen-scraping).

In the future, the CDR will expand to cover other industries like energy with a similar security model and other industries are likely to follow, Ping Identity states.

Link image
Report: Why businesses should take care to seek a 'true' cloud offering
A multi-tenant architecture that requires no on-prem equipment. A wide distribution of active data centres. These are some of the qualities of a true cloud solution. Find out more in this whitepaper.More
Link image
Why performance monitoring is essential to keep cloud costs down
Cloud comes with many different associated costs, which can sneak up on organisations and drive down efficiency. Here's how to reduce costs by up to 50%.More
Story image
iText snaps up former Adobe exec as new CEO
Former Adobe executive Gary Fry is now heading international PDF tech company iText Group as new CEO.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More
Story image
How process automation can help in a COVID-19 world
Where cumbersome manual steps have done the job in the past, many are finding they don’t easily translate to a world of remote working. As a result, organisations are increasingly coming to the conclusion that significant changes need to be made.More
Story image
Delivering value faster will be essential in the post-COVID world
Those who are best equipped to operate on a lean budget and those with the best tools will gain market share. Those who do not have their technology in order will be left fighting for crumbs, writes OutSystems vice president for APAC Mark Weaser.More