This was a world first – enabling teams from across Europe to get together and build applications against a fully working reference implementation of a PSD2 Open Banking standard. I’ve learnt three things today…
We’ve made a great standard
Over the last 2 years, I’ve put together teams and a collaboration model to develop this standard. We started with a UK focus (to enable ASPSPs to meet their obligations under the CMA Order) and evolved it into a global standard with an Open Licence (so that it enables any ASPSP in Europe to meet their PSD2 obligations, and which is being copied in many markets outside Europe).
This collaboration has involved over 1000 business and technical experts from ASPSPs and TPPs, attending over 50 workshops, then sharing ideas and feedback online in an open forum. I’ve been getting comfortable that the standard covers regulatory requirements, as we’ve had a huge amount of input, and we’ve are continually iterating it as ASPSPs go live with different versions.
And even though we’ve built some great reference apps and tools, this hackathon was the first time I was able to see teams actively building real world applications. We saw over 50 developers spread across 10 teams. Eight teams made it to the final day, and each of these built a great application which solved a real end-user problem.
Critically, all the teams got their head round the complexity of using certificates to connect to the Forgerock bank, built a consent flow, then accessed resources to either retrieve data and/or make payments. This is a great testament to everyone who has worked so hard over the last two years to develop such comprehensive and well documented specifications for the standard.
There is a need for more help and support
Over the weekend, we had a number of mentors on hand, many of whom had developed sample code. Where teams could use this code (e.g. it was in their preferred language) they were able to move much quicker. Several of the teams offered to make their code available too, and over the next few months we will start to see many more open source libraries – essential to give the ecosystem a very much needed leg up.
One thing I am going to take back to Open Banking Limited (OBIE) is how we can address the challenge to make it easier for developers to find and access these libraries as they become available. However, this is only half the equation. Part of the reason the teams could move so quickly was that they were building against a very good implementation – the Forgerock bank. So two things need to happen next:
- ASPSPs need to implement our standard well. And OBIE is developing a suite of applications and a certification process to help ensure just this.
- More ASPSPs across Europe should use our standard, since I don’t see anything like this rigour from other standard bodies yet.
Open Banking really is going to make a difference
All the teams worked in close proximity and at some pace. There was a real buzz in the room all weekend, and I am sure this is why they all did something amazing. I’m going to call out the two runners up and the winner.
Goodmark didn’t even exist till Saturday morning. The team was thrown together at the last minute but still developed a great concept – a ‘kitemark’ for ethical merchants. They built an AISP website where users could connect to their bank and see how much they were spending with each ethical merchant – this even included an element of social gamification. The end game is to encourage a market of ethical retailers, and to grow sales revenue for these.
Yapily built a PISP proposition including a mobile application called MoneyMe. Merchants who use this app get a QR code on their site which the app can scan to initiate a payment flow. The app can also send a Request to Pay message to another party, who can initiate a payment – great for splitting a bill, or getting paid by a supplier. It was amazing to see an RtP application built on top of the Open Banking API in two days. Even better, Yapily are making the code open source.
The winner was a Romanian PISP called IT Smart Systems, who developed an app called pay4me. Again this was a fully working payment application developed in two days. This app solves a number of problems where a user needs to get further authorisation in order to complete a payment. The demo showed how an employee can setup a payment request which is then sent on to a ‘known’ authoriser, who is prompted to authenticate via the ASPSP in order to complete the payment. This could be extended to so many other use cases, including parents approving their children’s online purchases.
Overall I was stunned to see how the teams could create near production ready code in two days. I can’t wait to see what teams like these will build over the next year.
And lastly, some thanks…
Forgerock are at the cutting edge of Open Banking. Special thanks to Eve Maler and Wayne Blacklock (who were in at the start helping define the Open Banking Security Profile) and Quentin Castel (the lead engineer building the Forgerock Directory and Model Bank). And thanks to Nick Caley and everyone from Forgerock who was there and behind the scenes, putting this together.
I’m sure I’ve missed off lots other people too. So please feel free to share this post and tag anyone else who helped make this happen.