In this blog, we will detail how modern banking can be viewed in terms of three fundamental concepts: the businesses, the infrastructure, and open banking.
These concepts are forming what we call the ‘three pillars’ of modern banking and as such, they need to be fundamentally addressed, understood, and provided with the right foundations in terms of security.
Table of Contents
Modern banking is at the crossroads between what we can call ‘traditional’ banking and the revolution initiated by the PSD2 directive which is to be understood in the vaster project of “open banking”.
To better understand the situation, we can view modern banking as supposed by ‘three pillars’:
The Business (the profitable activities realized by banking), the infrastructure (the network, the hardware, and software needed to realize the business, especially in automated ways) and the open banking (the world brought by PSD2 with the open APIs, etc.)
In what follows we will explain in detail these three fundamental concepts and finally, we will explain why it is so important to have a unified way to provide to all them with security, protecting their cryptographic operations.
The first pillar is the most important and fundamental for banks. This is how they make money. The main subcategories are:
That pillar is the ‘tradition’ of the bank, its business which developed with the time and became automatically interconnected with other banks by means of networks and information systems.
To be able to conduct business in a connected world, banks need infrastructures, mainly networks, and machines interconnecting their business with other businesses from other banks or other third parties.
This network infrastructure can be divided into several categories
Mainframes can also be ‘big systems’ such as HP nonstop servers, dedicated to financial transaction processing. They host the bank backends.
Here we define more precisely the payment network environment.
A card acceptor is defined as an ATM or a merchant that accepts payment cards and processes the transaction data then sends it to an acquirer.
An acquiring bank (or, simply, an acquirer) is a financial institution (usually a bank) that allows a merchant to offer credit or debit card payments.option to their customers.
An issuing bank (or simply ‘issuer’) is a financial institution (usually a bank) that issues payment cards (debit, credit, or prepaid) to their customers.
Payment switches are specific financial transaction processing systems, usually extremely secure.
And finally, there is a third pillar, a newer one, which is the future of banking. This is represented by the ‘open banking’ world as introduced by the PSD2 directive.
The last pillar represents the world of the new ‘open banking’. It is a conception where customers are in charge of their data and can master their bank account as they wish, without an opaque and close system.
Open banking is often seen linked to newer technologies and concepts such as the Internet of things (IoT), cloud computing, and blockchain.
For now, Open Banking is being actively developed in the Eurozone but it is a global concept and is to be developed in the USA as well as part of a general change of culture and practices in banking.
The fundamental concept is that banks must open their data to third parties (TPPs) via open APIs and allow payment applications to interact with such APIs.
This is to be understood in the framework of a more ‘fluid’ banking which can be much more transparent and flexible as well as open to competitive services.
We see here three subcategories:
Here we described what we named the ‘three pillars’ of modern banking. As we see this often involves cryptographic operations to provide security.
Of course, the Payment network is traditionally provided with HSMs because it is mandatory but open banking requires very good and very secure authentication for the open API access and, as well, open banking which exposes servers over the web requires strong cryptographic protection, eventually with PKI.
The ‘temple’ supported by these three pillars needs a solid and strong foundation and powerful cryptographic servers to perform securely cryptographic operations.
Acodez is a renowned web development company offering software development using Emerging Technologies. We offer all kinds of web design and web development services to our clients using the latest technologies. We are also a leading digital marketing company providing SEO, SMM, SEM, Inbound marketing services, etc at affordable prices. For further information, please contact us.
Contact us and we'll give you a preliminary free consultation
on the web & mobile strategy that'd suit your needs best.
What is an Encrypted Virus – Its Threats and Countermeasures?Posted on Dec 29, 2020 | Cyber Security