Re: The Open Banking Standard (HTTP API) from Adrian Hope-Bailie on 2016-02-18 (public-payments-wg@w3.org from February 2016)

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Thu, 18 Feb 2016 18:12:16 +0200
To: Frédéric Meignien <frederic.meignien@cantonconsulting.fr>
Cc: Manu Sporny <msporny@digitalbazaar.com>, Web Payments IG <public-webpayments-ig@w3.org>, Web Payments WG <public-payments-wg@w3.org>, VIGNET cyril <Cyril.VIGNET@bpce.fr>
Message-ID: <CA+eFz_JG-GVY4Ks4bg=frYdip1BGLJqmYkt8FRsvzXTchE8H4A@mail.gmail.com>

Unfortunately the Open Banking Standard only really addresses access to
data as opposed to actual transactional functions that could be executed
via the API (like payments) unless I missed something in my reading.

That said, I think PSD2 is still a key topic for the IG and does create a
requirement for some standardized HTTP APIs for, among other things,
payments.

I also think that the W3C work in authentication and hardware security has
an important role to play in the PSD2 technical standards development
process.

On 18 February 2016 at 17:44, Frédéric Meignien <
frederic.meignien@cantonconsulting.fr> wrote:

> Hi,
> read it very quickly:
> This document is the exact strategic consequence of what we re just
> describing with Cyril.
> They realized how disrupting is DSP2, with its PISP, AIPSP, ASPSP...and
> they are running straight into the breach.
> DSP2 just blew up the concept of the bank monopolizing the supply chain of
> payments.
> Bankers do not have such a vision usually (!!!).
> So we are right in the subject.
> W3C works can give a real asset to competitors who want to enter this
> market (not necesssarily banks) and the advantage will be great if we also
> have the authentication framework going along with it ! See page 92 for
> instance.
> Because today, the king of authentication is VISA, with its 3DS which
> ensures the complete security loop to ensure the customer consent mutual
> trust between actors.
> But I'm sure we can do better (please have a look into the SCAI document).
> Fred
>
> Le 18/02/2016 16:24, Manu Sporny a écrit :
>
>> This is a report noting that the UK has started toward an Open Banking
>> API using W3C/IETF technology. They're starting their own Standards
>> Setting Organization to do it (sadly). The API will give access to a
>> variety of banking features and cites PSD2 as one of the drivers for the
>> work. W3C is mentioned as important at the bottom of page 138.
>>
>> I keep saying that not doing HTTP API work is a missed opportunity for
>> W3C as this stuff is going to become more and more commonplace:
>>
>> http://www.scribd.com/doc/298569302/The-Open-Banking-Standard
>>
>> This is also why the HTTP API in the Web Payments WG is important. It
>> doesn't cover nearly everything that's covered in the Open Banking API,
>> but it does cover one major part of it (payments).
>>
>> This is directly relevant to the IG's future work.
>>
>> -- manu
>>
>>
>
>

Received on Thursday, 18 February 2016 16:12:57 UTC