Moneyone FinPro FIU
An FIU Server compliant with RBI’s Account Aggregator Technical Standards
Moneyone Partner Program (MPP)
Enabling secure, private sharing of data between consumers and enterprises
The Moneyone platform has two products, FinPro and FinShare. These products help you store your customers’ consents, and use APIs to receive and share readily-usable, fine-grained data across all data types supported by the Account Aggregation network.
Kindly note our Sandbox servers are available everyday from 7:00 AM to 1:00 AM. Request to please plan your testing accordingly.
Moneyone FinPro FIU
An FIU Server compliant with RBI’s Account Aggregator Technical Standards
Read on to understand:
Here’s how you can get started to set up a Moneyone account.
Receive consent-driven data from your customers, in your mobile or web application, through FinPro
Integrate your mobile app or web application with the FinPro service using the following methods:
Provide your customers’ data through FinShare, when presented with a valid consent artefact
Integrate your core account and transaction systems with FinShare, to manage your customers’ consents and share their data to with other institutions, using the following methods:
Moneyone Partners Program (MPP)
The MPP (Moneyone partners program) software system facilitates gathering financial, credit bureau, telecom and other data from different
data sources and share the data to enterprises securely with customer approval.
The data storage of financial data fetched from Onemoney AA will always be stored and shared from user’s mobile device. Data from bureaus
and other data sources will be directly fetched by MPP server from different sources and shared.
MPP software consists of different services to support the consent management, data retrieval and sharing.
High level Architecture – MPP
The MPP (Moneyone Partners Program) acts as data sharing intermediary and helps customers to share their financial data with their partners privately and securely fetched from Onemoney account aggregator based on explicit self consent and from other data providers like credit bureaus, telecom operators etc. based on specific services (API) provided by respective data providers. The software system needs
sophisticated architecture to manage all consents, and specific set of APIs to connect to third party systems that will facilitate secure and consented sharing of different kinds of financial and non financial data.
The high-level architecture diagram is given below which depicts different service components and interactions with third party systems.
The customer first logs in into enterprise mobile app, and interacts with embedded Moneyone partner program SDK for requesting data from Onemoney through the Onemoney private data share SDK as well as other third party data service providers. The Moneyone partner program SDK also asks permission from customer to encrypt the fetched data with the private key of customer’s partner which is known only to the customer’s partner. The Moneyone partner program mobile client interacts with Moneyone partner program backend service through APIs. Similarly the Onemoney private data share client interacts with Onemoney private data share backend service. User also interacts with Onemoney private data share SDK to provide his self consent to fetch his financial data from Onemoney account aggregator as well as gives permissions for the following:
- Create a folder in the user’s device where the data fetched from Onemoney account aggregator will be stored.
- Inform the location to the customer’s partner where the data fetched from Onemoney account aggregator is stored
- Encrypt the fetched data with the customer’s partner’s private key knowledge of which is known only to the customer’s partner.
The Moneyone partner program service then connects to different data service providers to fetch data and stores data it in centralized MPP server. Similarly Onemoney private data share service connects with Onemoney account aggregator service to fetch financial data, decrypts it and stores it in user’s device. Onemoney private data share SDK then notifies centralized MPP server of data availability. On receiving the notification centralized MPP server fetches the financial information data from user’s device and stores it in centralized MPP server.
The centralized MPP server then notifies the availability of financial information data and third party data to client MPP server. On receiving notification the client MPP server fetches financial information data and third party data from centralized MPP server, decrypts it and stores it. After data is fetched successfully by client MPP server the centralized MPP server will delete both financial data and third party data.
After decryption of fetched data the client MPP server will notify the partner application server of data availability. On receiving notification the partner application server will fetch the decrypted financial data and third party data and use it for its own use case.
Note: Onemoney AA private data share SDK only connects with Onemoney backend service instead of connecting to Moneyone partner program as per AA ecosystem specification.
The details of each component are given in below section.
High Level Specification
The Moneyone partner program software system consists of the multiple components and they are Moneyone partner program SDK, Onemoney Private Data Share SDK, Central MPP service, Onemoney private data share service, Onemoney Service, MPP client server, Central MPP service admin portal and client MPP server admin portal
|Enterprise Mobile App||• The front-end mobile app is actually from enterprise client. The mobile app embeds the Moneyone partner program SDK and Onemoney private data share SDK.
• The mobile app will share the private key to Onemoney private data share SDK for financial data encryption in user’s mobile.
• The mobile app can be an Android app or iOS app as the Moneyone partner program SDK and Onemoney private data share SDK will be flutter SDKs
|Moneyone Partner Program SDK||• Moneyone partner program SDK is solely responsible for user interactions with MPP central Service and other third parties.
• User opt for data sharing with enterprise with pre-defined consents as per need.
• Moneyone partner program SDK displays the financial data consent and third party data consent of user’s partner to the user to review it and approve it for data sharing.
• Moneyone partner programs SDK submit the consents to MPP central Service.
• It reads the data from specific location where the financial data is already encrypted and stored by Onemoney private data share SDK.
• Shares the financial data to MPP central service.
|Moneyone Partner Program Central Service||• Moneyone partner program central Service is used by Moneyone partner program SDK for consent submission.
• Supports the consents parameters for different types of data fetch.
• Moneyone partner programs central Service stores the consent artefact for each user.
• It uses the consent details to fetch financial and other data from different third parties. (except AA)
• It receives financial data fetched by Onemoney private data share SDK from Moneyone partner program SDK
• Temporarily store the fianancial data and third party data.
• Notifies client MPP server about financial data and third party data availability.
• Shares financial data and third party data to client MPP server
• Deletes financial data and third party data after sharing them with client MPP server
|Moneyone Partner Program Central service Admin Portal||• This admin portal is used by Moneyone staff
• Provides option to view Financial data and third part data consent requests from different enterprise partners
• Provides option to view data fetches of financial data and third party data.
• Generates usage and reconciliation reports for enterprise partners
• Manages billing of enterprise partners
|Client MPP server||• Places financial data and third party data consent requests
• Fetches encrypted financial data and third party data
• Decrypts financial and third party data
• Stores financial data and third party data
• Shares financial data and third party data with enterprise partners
|Client MPP Admin Portal||• The admin portal is used by enterprise staff.
• The portal helps enterprise to define the products (consent parameter).
• View the consent requests with their status
• View the data fetch requests and their status
• Send consent and data available notifications to enterprise partners
|Onemoney Private Data Share SDK||• Onemoney Private data share SDK is embedded into Moneyone partner program SDK.
• User is re-directed to Onemoney private data share SDK once he approves the consent in Moneyone partner program SDK.
• It takes the predefined consent parameters from Moneyone partner program SDK and private encryption key.
• Onemoney private data share SDK submits the consent to Onemoney backend service.
• User Approves the consent with the OTP verification.
• Redirects user back to Moneyone partner program SDK.
• It fetches the encrypted FI data from Onemoney backend API.
• It decrypts the encrypted financial data fetched from Onemoney backend APIs.
• Encrypt the FI data with the private key of the customer’s partner shared by Moneyone partner program backend service and stores in the device at a location specified by Onemoney private data share SDK.
• Notifies Moneyone partner program SDK once data is stored in the specific folder location created by Onemoney private data share SDK
|Onemoney PDS Service||• Onemoney private data share service manages consents for the user.
• It generates consent artefact after approval by the user and stores it.
• It manages FI data fetch from Onemoney AA Service for the approved consents.
• Notifies Onemoney private data share SDK once data is fetched from Onemoney AA service.
• Generates the key materials and shares it with Onemoney private data share SDK for encrypting the FI data by FIP.