Open Banking based on API Platform Cloud Service – support Payment Services Directive (PSD2) EU Regulation


Revised Directive on Payment Services or PSD2 is aimed at further developing an EU-wide market for electronic payments. Member states have to transpose the directive into their national laws till January 2018.

Payment service user must have an overview of financial situation at any given moment and have aggregated online information on payment accounts held with other payment service providers, particularly payment account transaction and balance data, all within a secure environment, with strong customer authentication, via application programming interfaces (APIs).

PSD2 contemplates a simplified payments value chain in which the card network can be fully disintermediated. In addition to the dramatic erosion of their payments revenues, banks are also set to see their interest-based revenue streams impacted by a loss of ‘customer ownership’. Account-data aggregators aiming to pull account information from multiple banks into their application, are warning for banks, unless banks themselves also become aggregators of choice.

By offering ‘payment initiation provider’ and ‘account information provider’ services – a bank could significantly improve its ability to sell customer insights, due to the increased availability of customer data and touch points.

Oracle API Platform Cloud Service (APIPCS) simplifies and accelerates the process of delivering open banking and PSD2 compliance by enabling speedy and secure delivery of banking APIs. APIPCS increases level of comfort that businesses are gaining in having their applications and data outside the security of their on‐premises firewalls.


APIPCS offers full life cycle API management: planning, design, implementation, publication, operation, consumption, maintenance and retirement of APIs. It includes a developer’s portal to target, assist and govern the communities of developers who embed the APIs, as well as the runtime management and analytics.

APIPCS provides key features of API platform: (i) Building APIs – Creating an API on top of a service that, for example, accesses data formerly locked inside monolithic applications. Rapid API construction with run‐ready policies for controlling usage of APIs; (ii) Securing APIs – Assigning industry‐standard securities to APIs with no coding. Integration with existing enterprise identity management systems; (ii) Deploying APIs – Once the APIs are created, they’re deployed to an API gateway for usage with one‐click. Gateways can run in the Oracle Cloud or on‐premises, close to back‐end services; (iii) Publishing APIs – Documentation can be auto‐generated while the API is being developed; (iv) Consuming APIs – Centralized location for finding and learning about available APIs. Simple approach to register applications so they can utilize APIs; (v) Monitoring APIs – Instant visibility into operational metrics on usage and API business key performance indicators.

In API preparation phase value of APIPCS leads to increased consistency and improves the overall developer experience with formalization of domain semantics or architectural style. Using APIPCS it is possible design and prototype API without writing any code and enable quick iteration on API design change, it is allowed to start of a work on API client before API server is implemented and this way getting very fast feedback from API consumers and stakeholders and provide ready API product much sooner to the market.

The API implementation will be automatically tested against its design, monitoring the contract and implementation changes are made much easier, version control and collaboration comes seamless as well as reporting on any disparities and errors in the description against the results of locally run API, automatic test runs when anything changes.

General differentiators of APIPCS are : it is easy to use and not technically challenging solution; it has focus on ‘API design first’ approach; it has architecture with API management on the cloud (including main portal and developer portal) and only gateways (GWs) being weather on cloud or on-prem. An end customer needs to operate only the gateways (GWs) and APIPCS operates all complex parts of API management in Oracle cloud.

GWs themselves are very mature product with amount of advantages. Management console never goes directly to the GW, it is other way around that only GW goes to cloud – this way providing very elegant security solution. GWs will automatically pull down all new policies. In case of APIPCS, most policies will work with existing versions of the GW, so GW upgrades are minimal and if they are required it will anyway happen through the cloud service. APIPCS pulls down the deployments of GWs extremely fast, as they are done by the cloud service, without need to export a zip or manually deploy GWs. There is no need end customer to perform data backups, no need for upgrades to get new policies, no need to configure clusters. All these brings down operational cost of operating API platform. APIPCS gives control which users have the right to deploy which GWs and what exactly is deployed on which GW, with full audit history.

Want to learn more? Contact Milomir Vojvodic

About Jürgen Kress
As a middleware expert Jürgen works at Oracle EMEA Alliances and Channels, responsible for Oracle’s EMEA Fusion Middleware partner business. He is the founder of the Oracle SOA & BPM and the WebLogic Partner Communities and the global Oracle Partner Advisory Councils. With more than 5000 members from all over the world the Middleware Partner Community is the most successful and active community at Oracle. Jürgen manages the community with monthly newsletters, webcasts and conferences. He hosts his annual Fusion Middleware Partner Community Forums and the Fusion Middleware Summer Camps, where more than 200 partners get product updates, roadmap insights and hands-on trainings. Supplemented by many web 2.0 tools like twitter, discussion forums, online communities, blogs and wikis. For the SOA & Cloud Symposium by Thomas Erl, Jürgen is a member of the steering board. He is also a frequent speaker at conferences like the SOA & BPM Integration Days, JAX, UKOUG, OUGN, or OOP.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: