ForgeRock Identity Platform Helps Financial Organizations Ensure Compliance with Impending Open Banking and PSD2 Regulations

ForgeRock digital identity solutions provide critical authentication, authorization and security capabilities for financial services brands to empower customers  

SAN FRANCISCO, CA – Nov. 28, 2017 – ForgeRock®, the leading platform provider of digital identity management solutions, today announced that it is working with some of Europe’s largest financial services providers to align their services in compliance with the Revised Directive on Payment Services (PSD2) regulation and the UK’s Open Banking initiative. The latest release of the ForgeRock Identity Platform introduced a variety of new capabilities to the market that enables ForgeRock’s flagship offering to be deployed in compliance with both PSD2 and Open Banking. These new rules will require banks to give third-party financial services providers direct access to financial data that bank customers—both individuals and businesses—choose to share.

Open Banking is an early attempt for financial services organizations to embrace technology for giving customers freedom and control in how they interact with their financial providers.

“While the transition to the new open ecosystem poses a regulatory challenge for banks and large retailers, it also represents a profound opportunity to create new value for customers and new forms of competitive advantage,” said Mike Ellis, CEO of ForgeRock. “Digital identity management will play an especially important role in this effort, because it enables banks to verify customer identity, enforce user consent policies, apply adaptive risk analytics, and support end-to-end security across third-party services. As start-up banks, fintechs, and other disruptive service providers transform the competitive landscape, digital identity will ensure that banks can deliver the seamless, consistent, and personalized experience customers expect across channels and services.”

Many of the major themes of Open Banking and PSD2 center around the opening of APIs and data in a secure manner to third-parties, for example to Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). To comply with Open Banking and PSD2, and to capitalize on the business opportunities they offer, banks must first address a series of technical requirements around measures that include strong customer authentication, secure application programming interfaces (APIs), and customer consent mechanisms. The ForgeRock Identity Platform supports OAuth 2.0, OIDC and the User-Managed Access (UMA) standards out of the box. These standards are typically used to achieve delegated authorization and consent management in exactly the sort of flows described for PSD2. As such, the ForgeRock platform can act as an authorization server, issuing OIDC tokens that can be validated by any OIDC-compliant API gateway. These components combine to enable a secure way of collecting bank customer consent, and a means by which to protect their data. The ForgeRock Identity Platform also offers a large collection of authentication mechanisms – including push notification with touch ID, device fingerprinting, adaptive risk and many more – which enables compliance with the Strong Customer Authentication (SCA) mandate.

To purchase the ForgeRock Identity Platform, or access a free trial version, visit the ForgeRock website:


About ForgeRock

ForgeRock® is the Digital Identity Management company transforming the way organizations interact securely with customers, employees, devices, and things. Organizations adopt the ForgeRock Identity Platform™ as their digital identity system of record to monetize customer relationships, address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), and leverage the internet of things. ForgeRock serves hundreds of brands, including Morningstar, Vodafone, GEICO, TomTom, and Pearson, as well as governments such as Norway, New Zealand, and Belgium, among many others. Headquartered in San Francisco, California, ForgeRock has offices in Austin, London, Bristol, Grenoble, Munich, Paris, Oslo, Singapore, Sydney and Vancouver, Washington. ForgeRock is privately held, backed by leading global venture capital firms Accel Partners, Foundation Capital, Meritech Capital and KKR. For more information and free downloads, visit, or follow ForgeRock on social media:

Facebook ForgeRock |Twitter @ForgeRock |LinkedIn ForgeRock |