What Is CDR?
The Consumer Data Right (CDR) legislation aims to provide consumers in Australia with better choice, access, and control of their data, including how it is used and disclosed. CDR will initially apply to the banking industry, with telecommunications and energy retailers following soon afterwards.
CDR will require that organizations open consumer data to third parties, obtain user consent for data sharing, and apply strong customer authentication for services. To accomplish all of these and meet CDR mandates, leading banks are turning to modern IAM platforms. Built on open standards, the ForgeRock Identity Platform provides a unified solution to address key challenges around customer authentication, secure APIs, customer consent, and identity best practices. With ForgeRock, banks can achieve more than just regulatory compliance – they can also introduce new products and services designed to meet the demands of today’s empowered consumers.
Leverage Modern IAM to Comply with CDR and Grow Revenue
CDR requires that banks open their business by providing access to data and controlling how data will be used and managed by third-parties. It also mandates that banks provide consumers with greater transparency and security. Banks must ensure they have the right solutions in place to balance privacy, security, and user experience. Unfortunately, most banks and financial institutions have legacy IAM systems that are unable to support this entirely modern set of requirements.
With the right IAM platform to make it all happen, CDR presents an excellent opportunity to create new business models that will drive greater revenue and brand trust. As the most comprehensive, modern IAM platform on the market, ForgeRock in collaboration with our trusted partner Middleware NZ enables financial institutions to modernize their IAM to meet CDR requirements, as well as create new business models to grow revenue and customer satisfaction. To comply with CDR specifications, the ForgeRock platform includes:
- Application programming interface (API) security with Financial-grade API (FAPI) specifications
- Open standards-based support for the CDR specification (OAuth 2.0, OIDC, UMA)
- Privacy and consent features with a user-friendly dashboard
- Robust multi-factor authentication (MFA) options with Intelligent Authentication
- Data residency and data sovereignty
- Flexible consumption or deployment options for any environment
"ForgeRock followed an API-first, platform-centric approach from the very beginning and already delivers with their highly scalable platform for managing and governing all types of identities.”
– Martin Kuppinger, founder and principal analyst, KuppingerCole
Build Consumer Trust with Consent Management
Giving consumers control over their data – from who has access to their accounts to managing profile and privacy settings – is essential for most customer-facing solutions. Privacy and consent management helps establish a closer relationship with customers because they can see what personal information a company holds and why. It also helps reduce customer support costs.
The ForgeRock Identity Platform provides a comprehensive, standards-based profile and privacy management dashboard. Users can manage who has access to their personal data, for how long, and under what circumstances. They can also manage their own profile details, the devices connected to their account, and applications they have consented to connect to their account
Ensure Consumer Data Is Protected with Data Residency and Sovereignty
CDR requires that user data is protected at all times. Additionally, how you store and process user accounts and profile information is subject to regulations and restrictions that protect users' privacy.
Data residency and data sovereignty are related concepts covering the legalities of where user data resides and the legal authority over the data, regardless of where it resides. To address data residency requirements, the ForgeRock Identity Platform enables fine-grained access controls, privacy-bound user data storage, strong encryption, and fractional replication of personal data. These capabilities allow for secure cross-border transfer and processing of user data that is context-sensitive to a particular jurisdiction. Further, the Forgerock platform operates within any on-premises and cloud environment, giving you complete control over where your valuable customer data is stored.
Do Identity Your Way with Consume and Deploy Options
Solution deployments are often lengthy, costly, and complex – requiring many IT resource hours and resulting in slow time to market. With ForgeRock, you can choose to consume or deploy and do identity your way. We have the only comprehensive platform available as a service with the ForgeRock Identity Cloud. The ForgeRock platform is also available with our full DevOps capabilities on premises or in any cloud environment, including multi-cloud and hybrid cloud, saving you as much as 25% on implementation costs.
Resources
Analyst Report
KuppingerCole on the ForgeRock Identity Platform API Security
Will you simply comply or truly compete in the Open API economy?
Infographic
Get the Facts about CDR Open Banking
Consumer Data Right (CDR), Open Banking and beyond.
Overview
Consumer Data Right (CDR) Open Banking Accelerators
Consumer Data Right (CDR)