Introduction to the Data Access Network
Akoya enables consumers to provide third-party access to their financial data in a safe, secure, and transparent way.
The Akoya mission is to create trust among financial institutions, fintechs, and data aggregators to ensure mass participation in Open Finance. Akoya secures the way consumers provide access to their data with increased security, privacy, and control over their information by transitioning data aggregation toward application programming interface (API)-based data access.
- Removes login credentials from data aggregation by implementing tokenized access.
- Facilitates a consent flow where consumers authenticate, select accounts, and permission data directly with their financial institution.
- Ensures consumers have control by giving them the ability to monitor and disable access.
- Does not store any data accessed or shared on its network.
- Maintains a pass-through model for complete privacy for all participants. At no point does Akoya know who the consumer is or what data they are sharing.
- Akoya serves as a data-access utility similar to a trusted delivery service. Akoya delivers the package (data) between a financial institution and a fintech app. Akoya does not open the package, does not make a copy of what is inside, analyze it, or store it for future use. Akoya simply gets the package safely from point A to point B.
Features
Consent flow
The consent flow enables a customer to authenticate, select accounts, and permission data to flow from their data provider through the Data Access Network and to a third-party fintech app. This keeps your customers’ login credentials from being shared with third parties.
Tip: You may click on images to view in full screen
- Emily wants to connect a fintech app to her financial institution accounts, in this example, at her fictional bank, Mikomo.
- Emily is redirected by the fintech app to Akoya where the fintech and Mikomo ids are validated.
- Akoya initiates an auth grant code to Mikomo Bank and Emily authenticates at the Mikomo Bank site.
- Emily agrees to terms and conditions and gives authorization to provide access of her data to her fintech app.
- Mikomo Bank issues an authorization grant code to Akoya who in turn requests the Mikomo Bank access token.
- Using Mikomo Bank’s token, Akoya requests Emily’s account list for selection and permissioning to her fintech app. Emily approves account selection.
- Akoya redirects Emily back to her fintech app with the Akoya auth code.
- The Akoya auth code is exchanged by the fintech app for an Akoya ID token. The fintech app uses the Akoya token to request Emily’s account details. Akoya then uses Mikomo Bank’s token to request
permissioned data. - Mikomo Bank returns data to Akoya. Akoya gets the entitlements policy and applies Mikomo Bank’s rules. Akoya returns the data to the fintech app.
- Emily sees the permissioned account data.
Akoya API v2
Based on Financial Data Exchange (FDX) specifications, the Akoya API v2 allows recipients to request consumer-permissioned data to flow from a provider through the Data Access Network.
Through data mapping and API integration, Akoya translates responses from providers—even those with proprietary APIs—into a common format. Expected and standard API responses help mitigate the need for proprietary APIs, thereby reducing development costs.
Connection Management
The Management Console is available for data providers to self-manage their connections and configure their settings in the Akoya Data Access Network.
Akoya also provides aggregators and fintechs with the Data Recipient Hub to manage their connection to providers.
Permission API
The Akoya Permission API is used by a data provider to add support to their customer experience for Akoya account permission management.
By making calls to the API, a provider can add a permission dashboard that allows their consumers to see which recipients have access to their permissioned data, add new accounts, remove accounts, or remove access overall.
Akoya security and technology
- FDX+ is the primary API interface for data recipients. All APIs are RESTful.
- OIDC, OAuth 2.0, and SAML are implemented for authorization and authentication.
- Complete logging, auditability, and traceability.
- Different logging capabilities available.
- Cloud-native implementation on AWS that enables elastic scaling in real-time.
- Micro-services architecture that enables continuous application upgrades and cloud scalability.
- Strong in-flight and at-rest encryption.
- Least Privilege Zero-Trust Model.
- Secure application development implementing DevSecOps.
- NIST and FFIEC frameworks are leveraged to define and prioritize risks.
- Akoya is SOC 2/Type 2 certified.
Need help?
Check out our Developer Community, or visit the Support Center in the Data Recipient Hub.
Looking for provider nuance documentation?
All provider nuance documentation is available in the Data providers section in the Data Recipient Hub.
Still stuck?
For all production issues, submit a support ticket through the Data Recipient Hub. Our support team is standing by 24/7. Questions and non-production issues will be answered during business hours.
Updated 2 months ago