Api standards for data-sharing (account aggregator)
Download 1.78 Mb. Pdf ko'rish
|
othp56
|
Restricted CGIDE – API standards for data-sharing – October 2022 14 3.2 Decentralised model In a decentralised model, data also remain at the source or point of service. However, participating members agree to share their data with other participants individually. An alternative name for this model is the federated exchange model. Each participating organisation maintains ownership and control of the data within its source databases. One of the main benefits is that it guarantees access to up-to-date data and each participant can negotiate the list of data shared. An administrative or governance group may maintain a centralised list of citizens or a directory. This facilitates data transfers using standard integration methods. However, as there are point-to-point transfers between the participants it is not necessarily possible to follow a precise standard for the exchange of data. A challenge is that a standard and predefined field about how and what to share between participants does not necessarily exist. Each participant individually negotiates based on the possibilities available. However, one positive factor is that response times are faster than in the centralised model since it is a direct point-to-point connection without a centraliser. Data-sharing models Graph 3 Restricted CGIDE – API standards for data-sharing – October 2022 15 3.3 Trust ecosystem model In this model, the AA is not necessary if standards are very well defined. Accordingly, there is no centraliser. The key pillars of this model are standardisation, testing and an accurate certification process. The model is decentralised for data-sharing and centralised for identity management. The proposal relies on a trust framework that dynamically registers both data providers and consumers (Graph 4). The trust framework integrates with a trusted third party (TTP), using TTP libraries instead of an aggregator. 8 One key benefit is that third parties can develop their libraries in multiple programming languages. The model requires the establishment of a registration process for participants, security in communications and a standard for the exchange of information through an API. Since the implementation of standards often vary, even if only slightly, the model states that a certification process managed by certifying authorities is necessary 4 Interaction and data flow Enabling open finance through APIs: report on payment initiation (CGIDE (2021)) developed two schemes: a central validator (CV) auth-app scheme and an in-app scheme. The former requires the installation of an application from a third-party provider. The app is responsible for the authentication of credentials and confirmation of payment transaction (or a consent for data-sharing). The latter scheme uses an in-app model integrated natively without the need to install an additional app. These models allow the development of similar alternatives for account aggregation in the context of data-sharing. 8 Proposed by Raidiam Services Limited for the open banking models of Brazil and the United Kingdom. Trust framework Graph 4 |
