Api standards for data-sharing (account aggregator)
Download 1.78 Mb. Pdf ko'rish
|
othp56
|
Restricted CGIDE – API standards for data-sharing – October 2022 40 ecosystem. Some participants mentioned payment card providers, public sector entities and bigtechs, among other entities that could participate in data-sharing. The types of information considered for data-sharing include product information, deposit and other account information, and transaction and payment history. This information can have multiple purposes, and many participants consider that it could help to provide loans, access to insurance and the purchase of other financial services. Further purposes noted in the survey were access to investment services and savings accounts, the transfer of transactional information to financial entities and third parties, know-your-customer (KYC), and the creation of new services with transaction data, payments initiation and account aggregators, among others. The adoption of data-sharing using APIs comes with its own challenges. The main ones are having the necessary technological infrastructure for its implementation, standardisation and coordination among participants in the ecosystem. Six participants also consider that defining an API standard is an important challenge that goes together with the challenge of coordination. Other challenges noted by some of the participants are issues relating to the current development of connectivity and telecommunications in their jurisdictions, cybersecurity, regulation and whether market participants would adopt a voluntary approach. Considerations regarding the development of APIs and associated standards also entail technology choices. The most popular messaging format among survey participants is JSON. For API specification, four participants prefer the Open API standard, while some other participants might consider RAML, AsyncAPI and REST standards. With respect to API security, participants mentioned several protocols as options in the survey, of which OAuth, TLS, VNP and PKI certificates are the most popular technologies to be considered by participants. |
