SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
Mon, 18th Mar 2019
FYI, this story is more than a year old

Digital identity management solutions provider ForgeRock has announced the availability of a new Sandbox-as-a-Service, designed to help banks achieve compliance with Open Banking and the Revised Payment Service Directive (PSD2).

The sandbox is already in production for several European banks that provide apps and services to over 35 million consumers.

Ensuring trust and consent in the API economy

The primary goal of PSD2 and open banking is to encourage greater innovation and competition within financial services.

To facilitate this, account providers are required to provide open APIs that enable Third Party Providers (TPPs) to enter the banking and payment ecosystem.

At the same time, account providers must also meet a series of technical requirements to ensure customer data is secure and only accessible with the appropriate authorisation and consent.

To comply with these technical requirements, account providers must provide a facility for TPPs to test new services and applications before the next enforcement date of September 14 for Regulatory Technical Standards.

Accelerating compliance

The ForgeRock Sandbox is fully compliant with Open Banking and PSD2, and meets the agreed standard for testing the functionality of Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs).

The cloud-based solution can be deployed rapidly, empowering organisations in the ecosystem to achieve full compliance in line with required deadlines while also accelerating the development of web and mobile applications for payment service users.

Developers and architects can gain immediate access to test the public version of the

ForgeRock Open Banking Sandbox, which supports the key components that application developers require when testing consent, onboarding and access, including:

  • Account and Transaction API: The endpoint requests and responses for account requests.
  • Payment Initiation API: The endpoint requests and responses for payment requests.
  • Security Profile: The security standards that underpin the APIs.

ForgeRock financial services and regulatory vice president Nick Caley says, “Opening up APIs will completely change the financial services landscape by driving new competition, collaboration and innovation.

“However, with tight timescales to meet the upcoming PSD2 deadlines, financial institutions are facing significant challenges to ensure success with this wide-ranging set of regulations.

“The ForgeRock Open Banking Sandbox can provide financial institutions with a compliance-ready managed service that can prevent significant technical headaches, and save time and money, both now and in the future.