Moneyone Products

Moneyone FinPro FIU

An FIU Server compliant with RBI’s Account Aggregator Technical Standards

Moneyone FinShare FIP

API gateway for FIPs

Moneyone Partners Program (MPP)

Enabling secure, private sharing of data between consumers and enterprises

Company Overview

FinSec AA Solutions Pvt Ltd, 100% owned by FinTech Products and Solutions India Pvt Ltd, is India’s first NBFC-AA licensee of RBI. Its brand, Onemoney, offers Account Aggregation (AA) solutions through an Android mobile app and a responsive web application. These apps enable users to perform a one-time registration and link financial accounts held with banks, asset management, insurance and stockbroking companies, and pension funds for real-time, consent-based data sharing in a secure, regulatory/legally compliant manner. Onemoney is a consent management platform and helps customers manage their consents throughout the consent lifecycle.

Fintech Products and Solutions India Pvt Ltd has a brand, Moneyone, with two products: FinPro for FIUs (Financial Information Users) and FinShare for FIPs (Financial Information Providers). Both enable Data Governance, support the AA Ecosystem, and are offered independently by FinTech. They enable organizations to offer their customers Security and Privacy for their data, and help organizations quickly onboard onto the AA Ecosystem and take advantage of the benefits of AA as FIUs and FIPs.

FinShare and FinPro provide a comprehensive offering, including Data Access to the licensed AAs, Data Governance focused on AA regulation by RBI and the proposed Personal Data Protection Bill, and Data Analytics for the derivation of insights from bank statements. 

Moneyone FinPro FIU

An FIU Server compliant with RBI’s Account Aggregator Technical Standards

Product Overview of Moneyone FinPro FIU

It is a Data Governance and Value Management platform for Financial Information Users (FIUs). It includes

01

Data Access Enablement

  • Enables any FIU to quickly onboard to the AA ecosystem supporting integration with all licensed AAs.
  • Ready implementation of AA APIs as specified by ReBIT (Reserve Bank of India IT)
  • Sends and receives notifications to and from the AA, fetches encrypted financial information from the AA, and decrypts the financial information received from the AA.
  • Set of APIs that can be integrated with any FIU application.

02

Data Governance

  • Enables Purge or Archive of the data after the expiry of the data storage period.
  • Supports compliance with the AA regulation and with the requirements of the Data Protection Bill proposed by the government.


03

Data Analytics

  • FinPro provides an API that returns month-wise totals of transaction count and amount for the different types of transactions in a deposit account (CASA), derived from transaction narrations and transaction mode.


Components of Moneyone FinPro FIU

01

FIU Server

Has a set of APIs, including a ready implementation of the AA APIs as specified by ReBIT, to support integration with all licensed AAs in the ecosystem in a dynamic and trusted manner.

02

Administrator Portal

Allows the setup of consent parameters for a particular product mapped to a specific purpose and displays the list and status of all Consent requests, notifications and data requests for monitoring.

Features of Moneyone FinPro FIU Server

The FIU server and data governance features include the following:

  • Place the Consent request.
  • Store the Consent artefact.
  • Place encrypted data request (Onetime or Periodic).
  • Send/Receive Notifications to and from the account aggregator.
  • Fetch encrypted financial information from the account aggregator.
  • Decrypt financial information.
  • Provide an SDK with widgets for the account aggregator education screen, the account aggregator list, and viewing balance and transactions.
  • Provide data APIs for bank account statements, GST statements, etc., in JSON format as per the ReBIT schema, for consumption by end FIU applications.

Features of Moneyone FinPro FIU Admin Portal

  • Account aggregator Management.
  • Central Registry Management.
  • User Management.
  • Lists Consent requests with status.
  • Lists data requests with status.
  • FI Fetch notifications.
  • MIS reports.
  • Web Hooks to send notifications for consent and data flow events.
  • Source Authentication.

Benefits of Moneyone FinPro FIU

  • Ready availability of AA APIs as specified by ReBIT.
  • Interoperable and supports integration with any account aggregator, so no need for financial information users (FIUs) to integrate independently with other AAs.
  • Provides an SDK with widgets that can be white-labeled and embedded with FIU applications.
  • Provides an encryption/decryption mechanism as per Diffie-Hellman key exchange standards.
  • Automatically places Consent requests and data requests on behalf of FIUs.
  • Stores the consent artefact with the latest consent status and fetched data.

Interesting and Innovative?

Write to us at info@onemoney.in; we look forward to partnering with you.

Moneyone FinShare FIP

Moneyone FinShare is an API gateway for FIPs.

Product Overview of Moneyone FinShare FIP

01

Onboards

  • Quickly onboard the FIP with all features and APIs as specified by ReBIT. It supports integration with all licensed AAs.

02

Maintains

  • Maintains the latest status of linked accounts and consents.
  • Connects with the internal APIs of FIPs to fetch financial data and converts it to the standard schema format as specified by ReBIT.


03

Secures

  • It encrypts data and shares the data with an AA based on an explicit digitally signed consent artefact.


Components of Moneyone FinShare FIP

01

FIP Server

Ready implementation of FIP APIs as specified by ReBIT

02

Administrator Portal

Lists all linked accounts with their status, Consent requests with their status, and data requests, for monitoring.

Features of FinShare FIP Gateway

  • Supports integration with any authorized account aggregator.
  • Integrates with internal APIs of financial information provider’s (FIP’s) core systems.
  • Converts fetched data into standard format as per schema defined by ReBIT.
  • Encrypts the financial information data.
  • Shares data with account aggregator based on explicit digitally signed consent artefact.
  • Maintains latest status of linked accounts
  • Maintains latest status of Consents

Features of FinShare FIP Admin Portal

  • Account aggregator Management
  • User Management.
  • Central Registry Management
  • Lists discovered accounts.
  • Lists linked accounts with status.
  • Lists Consent artefact with status
  • Lists Data requests

Benefits of FinShare FIP Admin Portal

  • The ready availability of FIP APIs as specified by ReBIT
  • It is interoperable and supports integration with any AA, so FIPs don’t need to integrate independently with other AAs.
  • Includes a transformation mechanism to convert data fetched from any FIP into the standard format specified by ReBIT for each financial information type.
  • Includes an encryption mechanism as per Diffie-Hellman key exchange standards for sharing data.

Moneyone Partners Program (MPP)

Dive through the proposed MPP journey.

The MPP (Moneyone Partners Program) product facilitates gathering financial, credit bureau, telecom and other data from different sources and delivering it directly to the consumer’s device. It then enables the consumer to share the data securely with enterprises, directly from her device. Data storage and sharing are always performed from the user’s mobile device only.

The MPP product consists of several services that support consent management, data retrieval and sharing.

MPP is a data governance platform (owned by Fintech Products and Solutions India Pvt. Ltd. the parent company of Onemoney) that facilitates secure sharing of data by a user who has access to her own data. The user might have received her own data either through the AA framework, delivered to her own device, or by other means such as downloading from a custodian of her data, e.g., a bank, Digilocker etc. After the user gains control and access to her own data, MPP empowers the user with the ability to share such data with partner enterprises of her choice. Such data sharing is done privately by the user directly from her device with her chosen enterprise and does not involve usage of the Account Aggregator network.

MPP also integrates with multiple other data and information service providers to fetch customer data that is outside the ambit of the AA framework. Examples of such data include credit scores and reports from credit bureaus, and telecom data from service providers. To get the user’s data from each such information provider, a separate consent will be sought from the user. The consent structure will follow the respective information service provider’s consent framework. Such data will be fetched by MPP from the respective information service providers based on explicit user consent and will be delivered to the user’s device, where it will be stored in encrypted form in a folder created by MPP. MPP will take approval from the customer to create the folder where the data from credit bureaus, telecom operators and other data custodians will be stored. MPP will also take approval from the customer to inform the customer’s partner of the location where the downloaded data will be stored, and to encrypt the data with a private key to which only the partner has access. The customer’s partner will pick up the data from that location once it is made available there.

This is a feature enabled on Onemoney’s mobile application, installed by the user on her device only. MPP data governance platform enables stringent security and privacy guidelines to be implemented to facilitate such private sharing of data by the user. Specifically, MPP implements the concept of “consent” as a basis for the interaction between a user/consumer and the partner enterprise. Although law and regulation presently do not mandate security and privacy provisions to be applied to private sharing of data by the principal/user/consumer of the data, MPP platform proactively implements both the RBI-defined AA framework and the proposed Personal Data Protection Bill 2019.

This facility is structured as the Onemoney – MPP “Moneyone Partners Program” (MPP) and is currently exclusively available to Onemoney AA users. The phrase “Moneyone Partners” refers to partner enterprises chosen by the user/consumer, to share her data with.

How does the “Moneyone Partners Program” work?

The MPP (Moneyone Partners Program) facility involves three steps:

Step 1 – Request Data Access

Through the Onemoney AA mobile application, a consumer can request access to her own data. The Onemoney AA mobile application gets “consent” from the consumer to fetch the data, deliver it to the consumer’s device, decrypt it and make usable data available to the consumer on her device. The periodicity, validity, and data life of all such data requests are governed by the “consent” artefact that the consumer approves and provides to the Onemoney AA mobile application. All decryption of data is always done on the device that the app is installed on. No decryption of data is done on Onemoney servers, in accordance with RBI guidelines.

Step 2 – Save Data

Through the Onemoney AA mobile application, the consumer is then able to save her data directly onto her device, into a folder of her choice.

Step 3 – Share Data

Through the MPP SDK (embedded either into the Onemoney AA mobile application or into an enterprise’s mobile application), the consumer assigns various conditions of consent (purpose, data life, etc.), governing the partner enterprise’s access to the data saved onto her device. The consumer assigns necessary permissions for the data on her device to be encrypted by using the private key of the partner enterprise and automatically accessed by the latter.

User journeys for the above could start either from a partner enterprise’s mobile applications or from Onemoney’s mobile application. In either case, the systems involved will be the following:

  • MPP service – a service that manages product details and the associated user’s private consent parameters. It also stores the lifecycle of each private consent artefact approved by a user while sharing data with the enterprise.
  • MPP SDK – a mobile SDK that can be dropped into a partner enterprise’s mobile applications. The SDK presents screens that facilitate:
      • A redirection/invoking of Onemoney mobile application screens for registration and/or private data access
      • Assignment of the user’s private consent conditions, to govern the partner enterprise’s usage of the consumer’s data
  • Onemoney Private Sharing mobile SDK/application – a mobile SDK/application whose screens connect to the Onemoney service. It presents screens that facilitate:
      • Registration, discovery and linking of the user’s accounts on Onemoney
      • The “Private Data Share” feature – this allows users to fetch, save and share data from their mobile devices with their preferred partner.

Note: The “Private Data Share” feature involves decryption and encryption of data and secure storage of the key material required for the decryption. Such security features can only be implemented through a mobile application and not through a web application. The Onemoney Private Sharing SDK is therefore a mobile-only SDK.

The user journeys involving these three systems could involve any of the following personas. The term “enterprise” below refers to the enterprise interested in getting access to the user’s data in order to offer a tailored service.

  • Sumith is a user of an enterprise’s app who also has an existing Onemoney profile. Sumith starts his journey on the enterprise app and gets redirected to Onemoney during his journey.
  • Rakesh is a user of an enterprise’s app who does not have an existing Onemoney profile. Rakesh starts his journey on the enterprise app and gets redirected to Onemoney during his journey.
  • Neethi is a user of Onemoney who is also a user of the enterprise’s app. Neethi starts her journey on the Onemoney app and is able to share her data with the enterprise through the Onemoney app itself.
  • Neha is a user of Onemoney who does not have an account with the enterprise. Neha starts her journey on the Onemoney app and discovers the enterprise on the Onemoney app through the “Moneyone Partners” feature. She is then able to share her data with this enterprise through the Onemoney app itself.

Data Privacy Features

Data Privacy is enforced through two mechanisms:

  • The user’s “private data share” feature on Onemoney mobile application is governed by a consent artefact that determines conditions of consent given to the app for fetching the data. Purpose and collection limitations are enforced, in accordance with the RBI guidelines, similar to how they would be, in the case of an enterprise directly seeking data from the AA network. Further, data life conditions define the time period for which the Onemoney app is allowed to keep the data on the device, within the private storage area accessible to Onemoney app. Onemoney app deletes the data from app storage, on expiry of the data life period.
  • The user’s “private data sharing” mechanism through MPP, is governed by a consent artefact that determines conditions of consent given to the enterprise. The structure of this consent artefact is similar to that defined within the AA framework. Purpose limitations, collection limitations, data life are enforced through this consent artefact.

Important Note: This consent artefact represents consent given directly by the user to the enterprise and is outside the AA framework. It is independent of, and separate from, the consent artefact governing the interaction between the user and the Onemoney mobile application.

Data Security Features

  • Data-in-transit security, governing the data fetch by the Onemoney mobile application, is strictly in accordance with the security specifications laid down by RBI within the AA framework. It involves the following:
      • API keys – for the Onemoney service to authenticate and authorise the Onemoney mobile application
      • Data Signature – for non-repudiation and data integrity checks while information is being exchanged in API requests and responses between the Onemoney service and the Onemoney mobile application
      • Data encryption – key material for every data fetch is generated within the Onemoney mobile application, using the Diffie-Hellman Key Exchange Mechanism, in accordance with the specifications of the AA framework. Decryption of data is done on the device, using keys generated and stored securely within the Onemoney mobile application. Decryption of data is not done on the Onemoney back-end servers.
  • Data-at-rest security, governing the storage of data within the app’s private storage and while data is downloaded onto the device’s general-purpose storage area, is enforced.
  • Data-in-transit security, governing the upload of data from the device’s storage area to the enterprise’s storage location, is also enforced through an agreement of the mechanism to be used, between the MPP data governance platform and the enterprise.
  • AES256 encryption is employed for both data-at-rest and data-in-transit.
