Open Data API Specifications Version 2 and Read/Write Security Profile Released Open Data API Specifications The Open Banking Implementation Entity (OBIE) is pleased to announce the release of Open Data API Specifications Version 2 for banking products, branches and ATMs. This follows on from the successful release of Version 1 in March 2017. These specifications allow API providers (e.g. banks, building societies and ATM providers) to supply up to date, standardised, information on products and services, so that API users (third party developers) can build web and mobile applications which will enable customers to move, manage and make more of their money. Version 2 is a significant upgrade to the previous version, with many enhancements including: A new data model, which is both more comprehensive and easier to implement; An updated and more detailed data dictionary; and An Implementation guide, with real world examples. API Providers are now able to access these standards with immediate effect and update to this version. To access the Open Data API standards, please visit https://openbanking.atlassian.net/wiki/spaces/DZ/pages/16320694/Open+Data+API+Specifications. OBIE does not provide direct access to live API end points; rather these are implemented and supported by each API Provider. If you wish to see which APIs are supported by each Provider, please visit https://openbanking.atlassian.net/wiki/spaces/DZ/pages/519143683/Open+Data+API+Dashboard. Open Banking Security Profile The OBIE is also pleased to announce the release of the Open Banking Security Profile (Implementer’s Draft). This profile defines how the Open Banking Read/Write APIs are secured using Mutual TLS, OAuth 2.0 and Open ID Connect. To view the Open Banking Security Profile, please visit https://openbanking.atlassian.net/wiki/spaces/DZ/pages/7046134/Open+Banking+Security+Profile+-+Implementer+s+Draft+v1.1.0. The Open Banking Profile is based on the OpenID Foundation’s Financial API Read and Write API Security Profile (see https://openid.net/specs/openid-financial-api-part-2.html), which in turn is based on the Read Only specification (see https://openid.net/specs/openid-financial-api-part-1.html). OBIE is a member of the OpenID Foundation (see https://openid.net/), a non-profit international standardisation organisation of individuals and companies committed to enabling, promoting and protecting OpenID technologies. OBIE is working with the OpenID Foundation to ensure that the profile is maintained as a world class security standard which provides the very best protection available for all users. For further information, please contact: press@openbanking.org.uk About Us Open Banking is a new, secure way for customers to take control of their financial data and share it with organisations other than their banks. Open Banking has the power to revolutionise the way we move, manage and make more of our money. For businesses, it is about making the management of cashflow and receiving payments cheaper and easier. Open Banking will make things simpler, faster and more convenient. Open Banking follows the Competition and Markets Authority (CMA) investigation into the supply of personal current accounts (PCAs) and of banking services to small and medium-sized enterprises (SMEs). Open Banking was created to enable innovation, transparency and competition in UK financial services. It is tasked with delivering the Application Programming Interfaces (APIs), data structures and security architectures that will enable developers to harness technology, making it easy and safe for individuals and SMEs to share the financial information held by their banks with third parties. Open Banking will bring substantial benefits. It gives customers and SMEs greater market choice and greater control over their money and associated data, along with better and easier access to new financial services providers in a secure environment. Notes to Editors: 1. Open Banking Ltd was set up by the Competition & Markets Authority (CMA) in September 2016 to fulfil one of the remedies mandated by the CMA following an investigation into UK retail banking. 2. The CMA’s investigation into the retail banking market (whose findings were published in August 2016) concluded that older and larger banks do not compete hard enough for customers’ business and that Open Banking should deliver a new, secure option for customers to be able to compare the deal they are getting from their bank. 3. Open Banking was created to enable innovation, transparency and competition to UK financial services. It is tasked with delivering the Application Programming Interfaces (APIs), data structures and security architectures that will make it easy and safe for customers to share their financial records by January 2018. 4. The data provided by Open Banking will enable developers to harness technology that allows individuals and businesses to share their financial records held by their banks with third parties. 5. Open Banking is a private body; its governance, composition and budget was determined by the CMA. It is funded by the UK’s nine largest current account providers and overseen by the CMA, the Financial Conduct Authority and Her Majesty’s Treasury. 6. The 9 mandated institutions (referred to as the CMA9) are: Barclays plc, Lloyds Banking Group plc, Santander, Danske, HSBC, RBS, Bank of Ireland, Nationwide and AIBG.