Management of Third Part authorization

Consent management to treat personal data or user’s authorization to execute payments from Third Part websites can be done without the need to provide personal data to the above mentioned website.

The introduction to the OpenAPI

A Third Part is a corporate (e.g. e-commerce platforms) on whose web site the user wants to make a payment or with whom he wants to share data. An example for this process when a user is placing an order on an e-commerce platform and wants to pay directly from his bank account.

If the user has to give his consent to share his data with a Third Part, after being redirected to the website of his bank and logging in, he can choose which pieces of information he wishes to share and, after confirming his decision, these will be shared directly with the Third Part itself.

Similarly, if he has to make a payment from a Third Part website, as in the previous example, after being redirected to his own bank's website and logging in, he will find a summary page containing the payment information and he can confirm the disposition.

The identification of the consent

The identification of the consent granted by the user takes place thanks to common APIs provided by IAM that generate unique codes for each consent created and that have the ownership to manage the information related to that specific consent. These APIs can also be reached by the Tthird Pparties who will retrieve directly from there the information that the user has agreed to share.

Forms of authorization very simple and fast

These forms of authorization are very simple and fast, thanks to the centralized management of data related to consents and payments.

The payment

The payment will be managed in a similar way, a unique consent will be generated and also a payment Id (calling other common APIs provided by the Payment Repository) that contains all the information necessary to initialize the payment.

Forms of authorization very simple and fast

These forms of authorization are very simple and fast, thanks to the centralized management of data related to consents and payments.

They are also considered very safe, thanks to the fact that the user does not directly insert his personal data or account data on a Third Part website, but the latter retrieves them through secure and authenticated calls to the common APIs.

Forms of authorization are becoming increasingly popular

This is why these mechanisms are becoming increasingly popular: Technology Financial Services has consolidated knowledge and experience in this field, focusing on the security of the processes and on data protection.