Story image

ForgeRock launches Sandbox-as-a-Service to facilitate compliance

18 Mar 2019

Digital identity management solutions provider ForgeRock has announced the availability of a new Sandbox-as-a-Service, designed to help banks achieve compliance with Open Banking and the Revised Payment Service Directive (PSD2).

The sandbox is already in production for several European banks that provide apps and services to over 35 million consumers.

Ensuring trust and consent in the API economy

The primary goal of PSD2 and open banking is to encourage greater innovation and competition within financial services.

To facilitate this, account providers are required to provide open APIs that enable Third Party Providers (TPPs) to enter the banking and payment ecosystem.

At the same time, account providers must also meet a series of technical requirements to ensure customer data is secure and only accessible with the appropriate authorisation and consent.

To comply with these technical requirements, account providers must provide a facility for TPPs to test new services and applications before the next enforcement date of September 14 for Regulatory Technical Standards.

Accelerating compliance

The ForgeRock Sandbox is fully compliant with Open Banking and PSD2, and meets the agreed standard for testing the functionality of Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs).

The cloud-based solution can be deployed rapidly, empowering organisations in the ecosystem to achieve full compliance in line with required deadlines while also accelerating the development of web and mobile applications for payment service users.

Developers and architects can gain immediate access to test the public version of the

ForgeRock Open Banking Sandbox, which supports the key components that application developers require when testing consent, onboarding and access, including:

  • Account and Transaction API: The endpoint requests and responses for account requests.
  • Payment Initiation API: The endpoint requests and responses for payment requests.
  • Security Profile: The security standards that underpin the APIs.

ForgeRock financial services and regulatory vice president Nick Caley says, “Opening up APIs will completely change the financial services landscape by driving new competition, collaboration and innovation.

“However, with tight timescales to meet the upcoming PSD2 deadlines, financial institutions are facing significant challenges to ensure success with this wide-ranging set of regulations.

“The ForgeRock Open Banking Sandbox can provide financial institutions with a compliance-ready managed service that can prevent significant technical headaches, and save time and money, both now and in the future.”

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.