Open Banking Pilot for a Leading Canadian Bank Client: A top-5 Canadian retail bank • Sector: Retail Banking • Region: Canada Names and parties anonymised. Hostnames are masked for confidentiality. Executive Summary A major Canadian bank wanted to prove Open Banking readiness ahead of regulation.
Read more →Case Study: Santander UK - Open Banking DCR That Actually Works When PingFederate didn't support UK OBUK-style Dynamic Client Registration out of the box, we built it - safely, deterministically, and auditably - and enabled Santander UK to onboard TPPs at pace. Highlights Custom Golang DCR microservice/plugin extending PingFederate for OBUK SSA (RFC 7591) CBAT-style enforcement before CBAT: transport certificate checked against cnf claim SSA persistence in PingFederate extended properties + SSA hash stored for integrity/audit Support for UK OB DCR profile and RFC 7592-style client management semantics Deterministic client_id strategy to prevent duplicate client sprawl Full documentation & knowledge transfer to Santander teams Client Overview Santander UK needed to enable Open Banking onboarding for third-party providers (TPPs) using the UK Open Banking (OBUK) profile.
Read more →Case Study: Banco Santander - Delivering Open Banking at Scale How a hybrid Apigee + PingFederate architecture enabled multi-brand Open Banking with secure mobile and web journeys, streamlined TPP onboarding, and full knowledge transfer. Client Overview Banco Santander, one of the world's largest retail and commercial banks, needed to evolve its digital infrastructure to meet Open Banking requirements across multiple sub-brands and customer journeys.
Read more →I Helped Build UK Open Banking - Here's What Canada Needs to Know Canada is on a mandated path to introduce Open Banking to consumers. They follow in the footsteps of other jurisdictions which have already trodden this path. Here's a timeline which compares Canada's obligations to what has already happened in the UK.
Read more →Dynamic Client Registration in Open Banking: UK, Brasil, and FDX Compared Dynamic Client Registration (DCR) is a key component of Open Banking infrastructure, allowing fintechs and banks to onboard securely and automatically. But not all implementations are created equal. Here's how the UK, Brazil, and FDX differ.
Read more →Understanding Optional SSAs in FDX: DCR with and without Software Statements In the world of Dynamic Client Registration (DCR), one acronym tends to trip up even experienced implementers: SSA. While Open Banking specs like the UK's and Brazil's mandate Software Statement Assertions, the FDX spec takes a different approach-SSAs are optional.
Read more →What's New in FAPI 2.0: The Future of Open Banking Security 27 March 2025 • by Opendata Consult Ltd With the ratification of FAPI 2.0 in early 2025, the OpenID Foundation has delivered a major update to the standards underpinning secure financial APIs.
Read more →Why FAPI is the Backbone of Secure Open Banking 26 March 2025 • by Opendata Consult Ltd Open Banking has reshaped how consumers and institutions interact with financial data. At the heart of this transformation lies the need for secure, interoperable APIs that can handle sensitive information without compromise.
Read more →👋 Enjoyed the article?
Book a Call with Us