Moneyou, the fully online subsidiary of ABN AMRO Bank NV, selected Konsentus Verify to support the roll-out of their PSD2 open banking offerings enabling them to concentrate on better supporting their customers.
The Challenges
Moneyou saw PSD2 as a key enabler of innovative banking services and planned to exploit all aspects of the new regulations to provide both market-leading functionality and value to their growing user base. Moneyou needed to find a way to build a compliant solution with minimum effort and impact on their systems and identified Konsentus as being the ideal partner to achieve this.
Selecting the Konsentus Solution
Moneyou looked at many options to validate TPPs before deciding to work with Konsentus. The main reason they selected Konsentus was that Konsentus Verify provided all the details they needed to validate a TPP’s eIDAS certificate and confirm their regulatory status in real-time giving them the confidence that only authorised TPPs were being given access to their system.
Moneyou also chose Konsentus for the ability to go live quickly and easily with little impact on their existing platform.
The Integration Project
The Moneyou PSD2 team use the Scrum Agile method and favours a contract-first development approach, meaning they develop their integrations against a formal (OpenAPI) API contract specification.
Their PSD2 implementation is based on the Amazon serverless environment consisting of API Gateway, DynamoDB and Lambda functions as a service. This allowed them to fully focus on the business logic of PSD2 and they had to spend little time on environments, servers or database setup. The lambda functions use NodeJS as execution environment, strengthened with TypeScript for strong typing.
The design of the PSD2 services includes a call out to the Konsentus Verify RESTful API as soon as the request is received from the TPP and the result is evaluated before any access is permitted to core Moneyou services.
“We strive to incorporate the latest technology and solutions in a smart way to ensure we offer a first-class digital banking experience to our customers. Konsentus supports us in ensuring we protect our customers in line with the PSD2 open banking directive, as we continue to evolve our products and services.”
Theo van Bon (Chief Operations Officer), Moneyou
The Moneyou team was able to complete full integration in one sprint (two weeks). After integration they were able to determine the validity of TPP certificates and check the various European registries in real-time as an integral part of each Open Banking API call, giving them a high degree of assurance that they were dealing with a valid TPP.
The team do not have to invest any further effort tracking changes to the TPP regulatory process as this is now managed by Konsentus.
Learnings from the Project Team
“If you’re developing in an agile way and you have to integrate with an external API it’s of pivotal importance that your counterparty works in the same way and most importantly works with a contract-first approach (OpenAPI specification). That combined with direct access to the support team during the development phase made it possible to integrate in one sprint (two weeks)”
Outcome
Konsentus Verify was implemented and tested in a single sprint enabling the Moneyou PSD2 project team to focus on delivering the overall solution and a great user experience for their customers rather than having to navigate regulatory compliance. Moneyou is now PSD2 open banking compliant and can make informed risk management decisions protecting their customers from the risk of fraud.
Summary
Implementing Konsentus Verify was extremely successful for the Moneyou team, enabling them to become fully PS2 open banking compliant without building a complex on-boarding process which many other banks initially implemented and then had to re-visit in order to satisfy Dutch National Bank (DNB) requirements. On its first request, Moneyou was given approval by the DNB and its team were then able to fully focus on delivering the product roadmap.