The Journey from Open Banking, to Open Finance and Open Data
The open banking ecosystem is developing strongly with significant and positive impacts on global finance; it is time for the world to witness the next chapters of open finance and open data. In fact, open banking emerged quite by chance. Previously, in the UK, when fintech companies were just entering the retail payment market, there were no specific regulations on how to collaborate or manage when parties were involved together. A study conducted by the UK Competition and Markets Authority (CMA) indicated that the retail banking sector in the UK was monopolized in this market. This research result created a push for the issuance of open finance regulations globally, aimed at improving competitiveness and economic development. From there, the concept of open banking was born, with specific provisions outlined in the PSD2 directive of the European Parliament, while concepts such as Account Information Service Provider (AISP – aggregating user data from multiple accounts) and Payment Initiation Service Provider (PISP – providing inter-account payment services) were also clearly defined. The emergence of open banking encourages banks to invest in API technology and develop partnerships with fintech organizations across Europe. Among them, Nordic banks were the first institutions to enthusiastically embrace this concept. Not all open banking models are the same When looking at the big picture, banks in the Nordic region have ample opportunities and technology to develop an open banking ecosystem thanks to the advancements of service providers as well as consumer acceptance. While in the Nordic countries, top banks fear losing customers and are quite quick to adopt advancements in open financial technology. Meanwhile, in the UK, users here are rather cautious due to fears of fraud, lack of personal data security, or unstable APIs, etc. An important factor contributing to success in the Nordic countries is that banks have become third-party service providers (TPPs) themselves, rather than allowing more innovative competitors to capture market share. A case in point is Danske Bank, which operates in all four major markets in the Nordic region with a payment application launched in the first half of 2018, and throughout the year, the banking interface between consumers and sellers was truly refined. Danske also allows customers to make payments from other banks within its banking app. These rapid transformations are made possible by several specific factors in the Nordic region, including the decreasing use of cash and the development of digital identity technology in the Nordic countries. In contrast to the Nordic region, at the same time in the UK, efforts to create open banking applications have not yet been widely accepted by users due to the barriers mentioned above. To overcome these barriers, the UK’s Open Banking Implementation Entity (OBIE) has created an app store for both users and businesses to search for and use financial services that complement their online bank accounts. Laws are not barriers but are put in place to support businesses serving users In many countries, the rapid development of technology outpacing legislation poses many challenges for both regulatory agencies and businesses: regulators struggle to establish an appropriate legal framework, while businesses face uncertainty about regulations, slowing down the process of delivering new services to consumers. However, the significant role of law in protecting users, safeguarding participants in the open banking ecosystem, and driving change and innovation cannot be denied. As pioneering data aggregation organizations in Europe – MoneyHub (established in 2009, UK), Bankin (established in 2011, France), and Spiir (established in 2011, Denmark) – have developed strongly to date. These organizations and their customers are strong evidence that users believe in the benefits of transferring money between accounts and making payments regardless of which bank their accounts are with. Additionally, there are other data aggregators aiming to maintain competition, ensuring that these transaction methods truly help consumers save time and reduce costs. In fact, when account aggregation apps added convenient payment features, the number of users increased exponentially. This shows the positive interaction between tech companies and regulators. In Northern Europe – where banks and fintech organizations have been ahead of regulators, leveraging APIs for a long time, not only for compliance with PSD2 regulations but also because these organizations want to create truly useful applications for users. Digital identification promotes open finance and open data In less transactional fields, such as the energy sector, digital identification helps accelerate the development of products and services as well as consumer adoption. Northern Europe is an example of applying digital identification in banking for commercial purposes. As a result, digital identification is quite commonly used in Northern Europe, helping to speed up the customer verification process; now, fintech companies not only compete with banks but can also compete with credit and debit card providers (who have weaknesses in storing customer information online). Overall, organizations and businesses outside the financial-banking sector should use digital identification. Because digital identification helps accelerate progress in all fields. Open data facilitates competition and drives innovation and creativity After a period of implementation and acceptance, open banking has developed faster than initially anticipated. Now, users can request banks to provide transaction history, identification images, and other information to any bank or third party they wish. Users can also easily change accounts, apply for loans, or register for credit cards with new providers. Additionally, users can manage their financial history on a single platform, without wasting time switching between applications. This journey is becoming increasingly attractive, as new players are also ready to join the “game.” In the future, organizations outside the financial sector will also use open data to provide highly personalized products and services based on users’ control over their own data. These “new players” will help users easily search for and be provided with necessary services that meet their needs. Any service that maximizes time and cost savings will succeed in the journey to win over users. Open data – Opportunities for leaders Accessing open banking and open finance from the perspective of regulators or users is not a problem that
Open Banking and financial inclusion strategy
1. What is open banking? Open banking allows third parties to access financial data such as current accounts, card accounts, savings accounts, loan information, and KYC information. In some markets like Europe, open banking also allows access to bank accounts to initiate payments, also known as open payments. Open banking is often associated with legal requirements that allow third parties to access bank accounts. This is most prominent in the United Kingdom, where “Open Banking is a national program implementing legal requirements for access to current accounts. However, open banking (or more broadly open finance) is also understood as the development of a new financial ecosystem based on connections between financial institutions and businesses, supported by APIs. Financial institutions are allowing fintech companies and other businesses to integrate financial services into their customer offerings, providing access to banking data and delivering full banking services through APIs. 2. The meaning of Open Banking and the factors driving Open Banking 2.1. The meaning of Open Banking Open Banking focuses on serving consumers, using API or SDK technology as the core foundation and operating within the financial ecosystem. Based on this definition, open banking has three main characteristics: data portability, customer autonomy, and the responsibility of the recipient. 2.2. Data portability The International Organization for Standardization (ISO) defines data portability as “the ability to easily transfer data from one system to another without having to re-enter the data.” Based on this definition, in open banking, consumers can share their relevant banking data with third-party service providers (TPPs), in accordance with “data portability.” Data portability in open banking is supported by standardized and compatible data technology, primarily APIs. 2.3. Customer autonomy Customer autonomy is the ability to consider and act based on reasons that are appropriate to the market context. This is a fundamental principle of liberal democracy, where marketers are allowed to influence customers but must respect their autonomy. Open banking empowers customers to control the sharing of their banking data, and this right is supported by the legal rights of customers to share data through open banking. 2.4. Responsibilities of the receiving party The open banking system requires third-party providers (TPPs) to be accountable to customers. Therefore, Fintech companies that receive banking data must be responsible for protecting this data from leaks, theft, etc. This is why closely managing TPPs through regulation is very important. Overall, these three characteristics of open banking reflect the goal of improving competitiveness, fostering innovation, and enhancing consumer protection. 2.5. Factors driving open banking a. Increasing customer expectations Customers expect seamless, instant services that provide added value to meet their financial needs. As consumers demand more personalized financial tools to improve their financial situation, financial institutions (FIs) will have to compete with fintech companies to maintain customer relationships and generate new revenue streams. Open banking and open finance allow financial institutions to leverage customer financial data to enhance customer experience and reduce administrative costs for processes such as account opening, mortgage application, and home loan borrowing. For example, HSBC allows intermediaries to share business account statements of self-employed mortgage borrowers through open banking, shortening the time from loan application to approval. Banks and fintech companies can develop innovative and personalized financial solutions in the payments sector, such as lending or personal financial management (PFM). This is a fertile ground: Over 90% of consumers in North America use digital applications to manage money, from products and services for simple financial tasks like bill payments or digital banking to more complex needs like financial forecasting, cryptocurrency investing, and crowdfunding. Worldwide, the movement demanding the transfer of control over personal data to consumers, especially data shared with third-party service providers (TPPs), is becoming increasingly strong. Therefore, service providers (such as banks, fintech) need to adjust their systems to allow customers to decide the data they share, including granting customers the right to permit (or revoke) data sharing and only allowing the recipient to use the data for SPECIFIC PURPOSES that the customer has agreed to. Open banking enables businesses operating in the financial sector to leverage customer financial data, after obtaining their consent, to develop innovative and highly personalized financial solutions. b. Open API connectivity is becoming increasingly popular With Open API, financial institutions (FIs) can expand their service distribution channels by collaborating with fintech companies. Open banking through APIs can be seen as the next step in the evolution of banks’ distribution models. By sharing data via Open API, financial institutions allow fintech companies to integrate this data into their applications. FIs can charge fintech companies for data usage or establish revenue sharing if the partner brings new customers to the FI. In this way, FIs create an ecosystem of third-party developers, providing innovative experiences for customers without having to develop everything in-house. Financial institutions (FIs) can also connect through APIs with other financial service providers and offer their products to customers. In this way, FIs can quickly bring new products from leading providers to market. As a result, the traditional value chain of banking and financial services is shifting from a single approach to a multi-party ecosystem. However, many financial institutions and large enterprises are still in the process of digital transformation. On the other hand, the infrastructure of fintech companies is designed with an API-first and cloud-based approach. The challenge for financial institutions is to modernize their infrastructure while meeting the rapidly changing demands of customers and complying with increasingly complex legal requirements. c. Customer identification has become a core element in business strategy Customer identification is one of the top priorities for businesses. Financial institutions (FIs) are striving to modernize their customer identification solutions. Some notable trends in this area include: Modernizing customer identification at financial institutions (FIs) is often driven by the desire to improve digital experience. This is not a new motivation, but the provision of multi-party services is creating challenges as the old identification systems of FIs hinder a seamless experience. Financial institution leaders are well aware that multi-party services are a
Europe pushes Open Banking: Mandatory UX improvements on banking apps
How you see and interact with your online bank accounts is about to change. That’s because Europe is forcing change into the financial market. Digital transformation is a thing this decade. “Digital disruption,” startups who want to be “the Uber of X” in their industry, and going “mobile first” are not new trends. But the banking industry has been slow to move with the times. New businesses have started to push into the European banking market. Yet progress has been slow, due to both regulation and customer inertia. Even though companies who focus on the best customer experience outperform the market. The pace of change in the banking industry will accelerate in 2018. Some new laws coming into effect are to thank. Why are things changing? European governments have decided that “traditional” banks are uncompetitive and slow. New banks find it very hard to break into the market. To do something about this, they have created some new legislation. This new legislation will force all banks to share a lot more digital information when their customers ask them to. As the above diagram shows, current core banking services will have a new digital interface added. This is called an API, or Application Programming Interface. It will allow third party “fintech” (Financial Technology) apps and services to get information directly from your bank. It’ll also add a new layer of tools on top. These fintech apps may be provided by your bank, or by external companies. All these changes must become law by January, 2018. In addition to the European legislation (PSD2), the UK has its own version (Open Banking). So this change will affect the UK regardless of Brexit. What differences will it make? This piece will focus on three of the biggest, broadest changes and how they will affect consumers. I will also follow up with a deeper dive into each change. There, I’ll discuss possible side effects as well as business opportunities. Direct bank account payments What are they? Right now, if you’re shopping online, you would most likely choose to pay with your debit card. The merchant (e.g. Amazon) has an acquirer (e.g. WorldPay) who coordinates with your debit card provider (e.g. Visa). They will then pull the payment out of your bank account (e.g. Barclays). That’s a lot of companies — and they’re all getting paid. The idea is that you, the consumer, can instead “push” a bank transfer direct from your bank (Barclays) to the merchant (Amazon). How it affects you, the consumer In the future, instead of entering all your card information, you’d grant Amazon permission to access your bank account. The user experience would be like logging into other websites with your Facebook account today. The first time, it will take you to your bank’s website and ask you to confirm your authorization. After that, the permission should stay active until you revoke it, so you can just click and buy. It will be interesting to see how this change affects all those other companies who were playing the middlemen. That will, of course, have an indirect effect on you. But it’s hard to say exactly what. Amazon’s costs should go down. Will they pass those savings on to you, or otherwise incentivize you to pay in the way that’s cheapest for them? Information sharing across all financial institutions What is it? Currently, the only way to get your bank information online is to log on to the website. Or perhaps they have a clumsily ported mobile website, packaged as an “app.” If you wanted to let another organization see your bank account, you’d have to give them your login details. This breaks the bank’s T&Cs, and would cause all kinds of issues in case of fraud or misuse. How it affects you By the new regulations, banks must provide a secure way for third parties to access your banking information. You will be able to consolidate all your information in one place, and see your ‘actual’ balance across all banks, accounts, and cards. Furthermore, you’ll be able to use that information in useful services. For example, some of the new “challenger banks” like Monzo or Starling can show you a breakdown of your spending. They can do it by category (e.g. restaurants), then by store (e.g. Nandos), then by transaction. They’ll even show you the location of that pub where you bought a round last night. Now imagine if you didn’t have to switch current accounts or wait for your bank to bring out something similar. You could just plug in to a service that collates it for you, from all your accounts and credit cards. After these changes, that should be possible and even simple. There are many possible applications for this type of information. Some examples include: personalized credit or budgeting advice; easier savings; easier current account switching (based on automated, personalized advice); better terms for loans or credit (in exchange for more access to your information for underwriting); easier personal tax returns, or small business accounting; third party fraud detection services you can use across all your cards and accounts; simpler and cheaper international transfers; and the list goes on. Let’s look at an example of the possible, unexpected side effects of the improved customer service and transparency banks can provide. There’s a great story here about how Monzo helped one customer get his stolen bag back the same night it was taken. There was even a bonus bottle of Jack Daniel’s included. Strong authentication for online payments What is it? Authentication is how the bank or payment provider knows that you are who you say you are. Given how much of your financial information they’ll be able to share, it’s critical that they use it securely. This is where authentication comes in. The new regulations will require multi-factor authentication in many areas. This will include every online purchase over €30. There are three commonly recognized methods of authentication: Using more than one of these methods together is “2-factor” or “multi-factor” authentication. How it affects you The average online
How does data work in open banking?
Open banking is a new financial ecosystem that allows users to securely share their personal financial data with third-party organizations, which can be fintech companies or other financial institutions. By sharing data, these organizations can provide personalized financial services to users. So how is open banking data being processed and what is it used for? Open banking: Managing user consent for data access (consent management) To provide and develop quality products and services, third-party providers (TPPs) need user consent to access their financial data, which is then filtered and processed for research purposes, and to build new financial products and services. Consent management is a sensitive issue that requires caution and understanding of legal and technical aspects. Contrary to popular belief, consent management is not simply clicking or checking the “Agree” box; it is a structured process that complies with regulations and directives in each region and country, such as the PSD2 directive or GDPR regulations in the EU. The approval management process in banking usually proceeds as follows: Some organizations may have different ways of expressing the agreement to access data, but this will be the most common mechanism, often used in: Understanding how data and information flow during the consent request process is a key factor in the transparency and success of organizations in open banking. The process of managing the approval of open banking data sharing The approval management process is typically divided into three stages: a. Agreement stage b. Verification stage c. Authorization stage Throughout the process, users are always aware of who they are granting data access to, for how long, and for what purpose. In particular, users can withdraw consent at any time. The information users are aware of typically includes: Open banking data sharing: How does it work? Open banking allows third-party financial service providers to access information with the user’s permission. Technically, this process is carried out through open APIs. Legally, the data sharing process is monitored and regulated according to current government regulations, such as the Payment Services Directive PSD2 in the EU or the Open Banking Act in the UK. However, these regulations vary by region, so the types of data shared through open banking services also differ. Typically, to ensure transparency and integrity, there will be multiple layers of security and verification in the data exchange process between financial institutions and third-party providers. The transmission of data from one side to the other is done in “an instant” thanks to APIs to ensure seamless, safe, and efficient communication. Who can access open banking data? Not everyone can access data in open banking. To view this data, consent from the user is required, and the third-party provider must also be licensed. Third-party providers must meet specific requirements before being granted access to the user’s financial information. Regulatory authorities will be responsible for granting access to user data for third-party providers, such as in Australia, where the Australian Competition and Consumer Commission (ACCC) is responsible for licensing open banking data. These authorities are responsible for ensuring that the sharing of personal financial data does not violate the law and can grant, modify, or revoke data collection licenses. What data is collected in open banking? The data collected by open banking service providers may vary depending on the regulations of each country/region as well as the type of services provided. Regulatory authorities often impose strict regulations on the type of information that can be collected, limiting the scope of data collection to ensure that third-party providers only access what is necessary. The most commonly collected data includes: How do open banks protect user data? In fact, data protection in open banking is a matter of great concern to regulatory agencies and financial institutions. Security measures implemented include: However, alongside protective measures, there are still some risks that developers and users are concerned about, such as: In summary, while it is impossible to completely eliminate risks, current security measures have been established to ensure that user data is safely protected in open banking systems. However, users should also protect themselves by using strong passwords, regularly updating software, and being vigilant against phishing attacks. Additionally, allowing users to manage open banking data is also a great way for users to take responsibility for when and how they want to provide their information. Third-party providers need to clearly inform about the purpose and the data that will be collected to ensure transparency and the privacy of open banking data. About SAVYINT and the SAVYINT Open Banking solution SAVYINT is a trusted service provider leading the market and is in the TOP 10 leading IT companies in Vietnam. SAVYINT has successfully developed the SAVYINT Open Banking solution – a specialized system dedicated to the Finance – Banking sector, meeting legal and technological requirements to create connections and build a digital financial ecosystem. With a solid technological infrastructure and experience in deployment and operation, SAVYINT provides customers with advanced technology and the best user experience. The SAVYINT Open Banking solution encompasses all the features to become a reputable standard platform in the Finance – Technology field: Open banking applications are the key to accelerating growth in the financial sector. Connect with SAVYINT now to leverage and experience the features and benefits of open banking today!
Security challenges in Open Banking and solutions
The development of Open Banking brings many opportunities but also presents challenges, particularly in the area of security. So what is the solution to security issues in Open Banking? Let’s explore with SAVYINT in the article below. According to predictions by The Financial Brand, Open Banking is one of the eight fintech trends set to transform the banking industry. In Vietnam, Open Banking is becoming an inevitable trend and a key growth direction for banks. Open Banking is a unified model that enables the sharing of financial data between two or more third parties through Open API (Application Programming Interface) technology. In this model, banks collaborate with technology partners that offer innovative services and provide technology platforms to build a digital financial ecosystem that meets customer needs. Security Risks in Open Banking The openness of the Open API model raises significant challenges for the banking sector, with privacy and data security being the most prominent. Incomplete Legal Framework Open Banking is rapidly growing within Vietnamese banks. However, the legal framework for Open Banking is incomplete and lags behind the pace of technological development. Currently, there are no specific regulations guiding Open API usage (e.g., what data can be shared, how partners can use the data, under what standards, etc.), and there is no unified standard for IT infrastructure, storage, or security. As a result, commercial banks are applying different API security protocols. In this ecosystem, if any party uses an API protocol that is not robust enough, the risk of data leaks or theft is very high. Moreover, customers cannot be certain how their personal and financial information is being secured and used. Risks from Non-Banking Partners Open Banking allows third-party service providers to access users’ financial data. To expand their service ecosystems, banks will partner with technology companies offering innovative products and services. These partners often propose security measures to collaborate with banks, but in reality, few provide viable solutions. Strong infrastructure, technological expertise for implementation, and risk control capabilities are essential criteria that technology partners must meet. However, not every technology company can fulfill all of these standards. SAVYINT Open Banking Platform – Vietnam’s First Comprehensive Open Banking Solution Choosing a reliable and promising partner is a crucial issue for banks. Understanding the challenges faced by the banking sector, SAVYINT has developed the SAVYINT Open Banking Platform, a solution that addresses both legal and technological needs to connect and build a digital financial ecosystem. Financial-Grade API Security Standards The SAVYINT Open Banking Platform applies advanced security solutions, such as OAuth (RFC 6749, RFC 6750), and is a pioneer in providing Financial API protocols with secure JSON Data Schema structures that ensure: Strong Customer Authentication (SCA) – Identity and Access Management (IAM) This solution enables financial institutions and enterprises to quickly and securely identify and authenticate end-users across multiple platforms, minimizing risks in electronic transactions: Customized API Design Services The SAVYINT Open Banking Platform provides financial institutions and enterprises with a solution to optimize API resources. It offers a comprehensive, end-to-end solution tailored to the diverse needs of financial institutions and banks in Vietnam. Open Banking is the key for Vietnamese banks to accelerate growth and lead the digital transformation of the banking industry. Beyond preparing for potential input risks, banks need to research and select suitable partners with the highest international security standards. Contact SAVYINT’s experts today for immediate support!
Open API – The key to promoting open banking
The Open API has changed the way banks serve their customers, in order to improve the user experience and increase competitiveness in the market. This promotes the development of new operating models in the Finance – Banking industry, typically Open Banking. Why is Open API key to Open Banking? Currently, users are using too many applications for payment, financial management, shopping, authentication,etc. In other words, having to load a series of different applications at the same time causes users a lot of trouble and complexity in sharing data, managing reports or retrieving information. So, that has led to the increasingly widespread use of APIs as well as integrated applications namely Open Banking. The main purpose of the Open Banking API is to create a unified model that allows financial data to be shared between two or more third parties. Widespread use of Open APIs, banking institutions form a true API ecosystem; providing the best customer experiences thanks to the ability to combine the digital services of multiple providers in one application. Users can access a variety of financial products and services directly connected to the financial databases of banks. Along with the development of the Industrial Revolution 4.0, more and more consumers use products and services from Fintech. Therefore, instead of competing, cooperation with Fintech companies is essential for the bank to stay ahead of new technologies to provide attractive services to its customers. This approach forces banks to establish an open API architecture that facilitates the plug-and-play integration of banking and Fintech services, ultimately creating banking app stores with multiple utilities and services. “Open Banking” – Open Banking using Open APIs is becoming a new trend. Open banking creates opportunities to form diverse integrated financial and non-financial services, generate new revenue sources for financial institutions, and expand customer base with a secure ecosystem of data sharing applications. Open API application for Savyint Open Banking Solutions: A comprehensive solution system for Open Banking Pioneering and accelerating strongly on the digital transformation race, SAVYINT has been ahead of the Open Banking trend. In addition to launching Savyint Open Banking Solutions specifically designed for the Finance – Banking industry, meeting the legal – technological needs to connect and build a digital financial ecosystem, SAVYINT also connects and cooperates with prestigious organizations and enterprises on Open API in Vietnam and around the world to develop an open ecosystem with Open API such as DX Open Healthcare Platform (Open Health), DX Open Gov (Open Government),… Some of SAVYINT’s leading partners in providing Open API and Open Banking solutions: With a solid technology foundation and infrastructure and partners with experience in implementing and operating the world’s leading Open API, SAVYINT will provide customers with the most advanced technologies and optimal user experience. Contact SAVYINT today to help your organization lead the way with Open Banking!
QTSP and Remote Signing bring great competitive advantages to Vietnamese Financial – Banking organizations
With QTSP certification for remote signing models, HSM digital signatures, and electronic authentication services provided by a QTSP in Vietnam, digital signatures and electronic certificates will be widely recognized in all 27 EU countries. This will bring a great advantage to domestic organizations and businesses, especially in the finance and banking sector. QTSP and the challenge of secure electronic authentication in transactions One of the most difficult challenges in the digital finance and economy is the process of secure electronic identification and authentication in transactions. Previously, banks operated their own specialized CA systems for parties to register for services. However, this system quickly became overloaded when third parties or multiple financial institutions registered and authenticated each other, leading to an increasingly complex and difficult-to-control identity database, not ensuring interoperability according to an international standard for system security operations. This issue contradicts the purpose of expanding the digital finance ecosystem of the Payment Services Directive 2 (PSD2) and, more recently, the Open Banking strategy of countries worldwide, hindering the development of the financial market in particular and the digital transformation of the economy and society in general. To solve this difficulty for banks and financial institutions, the Common Technical Standards (RTS) for the Payment Services Directive 2 (PSD2) issued by the European Banking Authority (EBA) has accepted the use of qualified electronic signatures (QES) and qualified electronic seals (QSeal) issued by a Qualified Trust Service Provider (QTSP) for the identification and authentication process under the Open Banking model. This opens up a trusted, legal, and widely recognized authentication method for banks and financial institutions participating in the global digital economy. The eIDAS regulation applies QTSP certification as the highest standard of security, reliability, and confidentiality in electronic transactions. Currently, only QES qualified electronic signatures for individuals and QSeal qualified electronic seals for organizations provided by a Qualified Trust Service Provider (QTSP) are recognized throughout the EU with the same legal effect as handwritten signatures or seals without the need for any other assessment or explanation procedures. Without using the electronic identification and authentication services of a QTSP, organizations participating in the digital financial market cannot perform electronic authentication processes with regulatory authorities. Failure to comply with the QTSP’s assured identification and authentication service standards will lead to numerous potential risks for organizations participating in the digital finance and economy: In addition, the financial market is one of the most sensitive markets to constant security risks and the risk of document forgery. Along with the Payment Services Directive 2 (PSD2), the Open Banking strategy in Europe also allows the trusted services of QTSPs to be the only method to ensure trust between payment service providers, customers, and financial institutions. Competitive advantages of Vietnamese financial institutions and banks from QTSP and remote signing models In July 2021, SAVYINT officially became the first trusted QTSP service provider for digital signatures, electronic seals, remote signing models, and HSM digital signatures in Vietnam, in accordance with EU eIDAS regulations. This means that all 27 European countries fully recognize the digital signature and electronic seal services provided by SAVYINT under the remote signing model. Operating under the SCAL2 security authentication mechanism, the system ensures that only the signer has the right to activate the signing key stored securely on the HSM encryption device, uniquely controlling the signing key, and fully complying with the requirements for the SAM module with CC EAL4+ certification with EN 419 241-2. This will open up opportunities for Vietnamese organizations and businesses to conquer the European market, promote the development of cross-border electronic transactions and e-commerce, and enter the common playground of Vietnam with EU partners in the context of the Vietnam-EU Comprehensive Partnership Agreement and the EVFTA. For providers of electronic payment and transaction services such as financial institutions and banks, having a QTSP in Vietnam will help solve a major bottleneck in the digital finance ecosystem, digital banking, and open banking, aiming to expand the market and integrate into the international arena. This is the unification and interconnection in the process of secure electronic identification and authentication, creating a synchronized electronic transaction market according to a common technical standard, reducing congestion and transaction interruptions due to rejections by the parties involved. Quick application and full utilization of the advantages of electronic authentication and digital signature services from a trusted QTSP service provider will help financial institutions and banks modernize and comprehensively digitize electronic transactions, promote e-commerce, build digital banking and open banking systems, and aim to attract more new customers, new markets, and increase revenue and profits. Connect with SAVYINT now to get advice on specialized solutions for developing Digital Banking and Open Banking!
SAVYINT and Konsentus accelerate open banking in Vietnam
Hanoi and London, 8 March 2024, SAVYINT and Konsentus have created an operational structure for open banking in Vietnam. SAVYINT, one of the country’s leading providers of digital capabilities, and a key supplier of technology services to the Vietnamese financial services community, engaged Konsentus, a global provider of open banking advisory services and trust infrastructure, to collaboratively create a legal and operational framework for open banking. In support of the country’s vision to develop an advanced and high-quality connected digital society for all individuals by 2030, SAVYINT sought support from Konsentus to create a framework for an innovative and cutting-edge open banking infrastructure to enable further growth and development. Konsentus has worked collaboratively with SAVYINT to: This open banking framework will provide the foundational bedrock for open banking in Vietnam and will allow the market to take the next step towards an open data-sharing ecosystem It puts the nation amongst other market leaders in the region. Konsentus, advisors to central banks, regulators, and market infrastructures, is renown internationally for providing expert support to help jurisdictions shape the future direction of open finance. They work with, and for, the local market to champion accessibility to financial services and drive competition, innovation and financial inclusion. SAVYINT provides trusted digital products, solutions, platforms and services in strict compliance with Vietnamese and international standards. Their transformation solutions support all industry verticals ranging from government and healthcare to BFSI and telco. Mr. Van Hoang Nguyen – Chairman of the Board of SAVYINT “Open banking can enable economic growth and social development. It provides a comprehensive view of all financial data to customers and enables businesses to access a wider range of financial services. Banks cooperate with third-party providers to optimise the user experience when using financial products and services. With open banking ecosystem, consumers can execute direct payments to merchants from their bank accounts, eliminating the necessity for card-based transactions. Konsentus has been a crucial partner in understanding global best practice and defining the appropriate structure for the Vietnamese market. We are sure that what we’ve delivered together is tailored for the market and will set the country up for future success.” Jim Wadsworth, EVP Strategic Market Development, Konsentus “Our international footprint and in-depth understanding of global open banking ecosystems has enabled us to streamline processes and develop a framework tailored to local Vietnamese market requirements. Vietnam is a burgeoning economy but 44% are still unbanked and 70% still live in rural or remote areas. Open banking can support financial inclusion and the broader digital transformation agenda. Konsentus looks forward to supporting Vietnam on its open banking journey.” About SAVYINT SAVYINT is a leading provider of trusted digital products, solutions, and services with deep expertise in PKI systems, digital signature solutions, data encryption/privacy, open banking, blockchain & key management, cybersecurity services and AI and cloud applications… Committed to international standards, SAVYINT delivers top-tier solutions designed to meet the highest security and compliance requirements. Its advanced technical infrastructure supports digital transformation across diverse sectors such as government, healthcare, finance, education, logistics, transportation, telecommunications, and broadcasting. With a strong focus on innovation and security, SAVYINT is a reliable partner for organizations seeking to enhance operational efficiency and data security in the digital era. About Konsentus Konsentus provides specialist advisory services and technology solutions to support the national implementation of open finance ecosystems. Subject matter experts, Konsentus advisors have a proven track record in navigating complex, multi-stakeholder ecosystems and understanding individual regulatory and market requirements. Konsentus’ award-winning technology powers national open finance infrastructures. Modular and scalable by design, our solutions are tailored to individual market requirements, enabling ecosystem participants seamlessly to identify each other and interact within a safe and trusted environment. Founded in 2018, Konsentus is active across 37 markets and counts many of the largest global financial institutions as clients. Konsentus is ISO 27001 certified.
SAVYINT Presents at the “Hanoi – Smart City and Open Banking Ecosystem” Symposium
On the morning of October 2nd, Mr. Hoang Nguyen Van, Vice Director of the Institute of Innovation and Digital Transformation (VIDTI) and Chairman of the Board of SAVYINT, delivered a presentation on the topic “The Benefits and Challenges of Implementing the Open Banking Ecosystem” at the symposium. The “Hanoi – Smart City and Open Banking Ecosystem” symposium was part of the 2024 Vietnam Card Day event series. It saw the participation of the Hanoi City leadership, Deputy Governor of the State Bank of Vietnam, and leading representatives from the financial and banking sectors, coming together to discuss and exchange ideas for a smart, clean, and digital Hanoi. Speaking at the symposium, Mr. Ha Minh Hai, Vice Chairman of the Hanoi People’s Committee, emphasized that in the context of international integration and the development of the fourth industrial revolution, building a smart Hanoi is both essential and urgent. This forms the foundation for improving residents’ quality of life, optimizing urban management, and achieving sustainable, green, inclusive development. Mr. Pham Tien Dung, Deputy Governor of the State Bank of Vietnam, shared similar views, stating that the transition to a smart city and digital transformation in the banking system are closely intertwined, with the emergence of the open banking ecosystem being a key factor. This transformation is linked to the integration of technology platforms, payment solutions, and data sharing to develop a strong digital and open banking ecosystem. Following this, Mr. Hoang Nguyen Van elaborated on the advantages open banking brings and the challenges faced in its implementation in Vietnam. According to Mr. Van, in recent years, as the trend of digital banking has grown, banks have increasingly sought to acquire new customers, reduce operational costs, and foster innovation. These needs have given rise to a new ecosystem—open banking. Third parties have emerged to help banks solve challenges related to increasing customer acquisition, improving service quality, and optimizing ecosystem integration at the most efficient costs. In the open banking ecosystem, all participants benefit. Banks and third parties gain new revenue streams by leveraging each other’s strengths, which in turn fosters the development of innovative products and services. Individual users enjoy personalized services and enhanced data security, while businesses benefit from easier access to banking services, expanded customer and partner networks, and optimized operational efficiency. Despite the numerous benefits, implementing open banking in Vietnam still presents challenges. While Vietnam has introduced personal data protection regulations (Decree 13/2023/ND-CP) and the State Bank of Vietnam’s regulations (Decision 2345/QD-NHNN), there is still a lack of clear standards on technical requirements, open API connectivity, and operational guidelines. After highlighting countries like India, Singapore, and South Korea, which have successfully implemented open banking through strong legal frameworks, Mr. Van stressed, “Only a clear legal framework can create favorable conditions for the open banking ecosystem to thrive and benefit all stakeholders.” Concluding his presentation, Mr. Van proposed a four-step implementation model for banks, starting with initial analysis and assessment, deployment models (legal framework, service models, templates), application of rules and processes, and finally, design and technical standards. This model serves as a guide for banks participating in the open banking ecosystem. Throughout the two working sessions, SAVYINT representatives and experts discussed various issues related to urban management, technology solutions, and enhancing the legal framework for the open banking ecosystem. Building a smart city requires more than technology and expertise—it also demands government support in terms of institutions, laws, and management methods. Particularly in a large city like Hanoi, with its extensive economy and population, these challenges must be carefully considered to ensure comprehensive development. With a wealth of experience both domestically and internationally, SAVYINT continues to research and provide cutting-edge technology solutions in the fields of digital transformation, information security, and fintech. In the emerging field of open banking, SAVYINT offers specialized Open Banking Solutions and Services tailored to the financial sector, meeting both legal and technological requirements while fostering connectivity and building a digital financial ecosystem. With its expertise and technological capabilities, SAVYINT is confident in supporting and advancing open banking in Vietnam.