Connecting your pensions dashboard to the government’s central digital architecture (CDA) can be a daunting task, especially if your team is not well-versed in the technical aspects of the process. This post aims to provide an overview of the challenges and complexities involved in the connection process and how partnering with the right company can make this much easier.
Watch the webinar: How to build a pensions dashboard →
The Pensions Dashboard Ecosystem
Integrating your pensions dashboard with the CDA involves a lot of work. Unlike open banking, where customers authenticate with each bank or credit card provider individually, the pensions dashboard ecosystem allows customers to authenticate and verify their identity in one place via the Consent and Authorisation Service. This approach simplifies the process to some extent but doesn't remove all the complexities.
Connecting to the Central Architecture
You’ve gained all of your relevant permissions , and you’ve developed a User Interface that complies with all the relevant design standards . Now it’s time to connect to the PDP Central Digital Architecture (CDA) which is required for the ‘find’ process in Pensions Dashboards.
To do this, you'll need to use the User Managed Access (UMA) 2.0 standard.
This complicated protocol isn't widely used, so it’s unlikely that off-the-shelf libraries or vendor support will be readily available.
You'll likely require custom development and experienced engineering teams to tackle the intricate API flow and cryptographic signatures involved. Additionally, a lack of a robust sandbox or test environment makes debugging incredibly difficult.
Dealing with Individual Pension Providers
Connecting to the central service for authentication is only one part of the process. You'll also need to connect to individual pension providers to access the relevant pension data, required for the ‘view’ process in a pensions dashboard.
The minutiae of this is similar to open banking and can be labour-intensive, as you'll need to obtain data from multiple providers.
Maintaining Compliance and Security:
When connecting to the central digital architecture, it's crucial to follow various standards, policies, and reporting requirements as part of the code of connection. Additionally, you'll need to have the right security policies in place, conduct penetration tests, and ensure that you're capable of handling sensitive personal and pension data securely.
The Benefits of Partnering with a Technical Services Provider
Working with a company like Moneyhub, which has extensive experience and expertise in this area, can save you time, effort, and money. Moneyhub can handle the complex UMA-based API and connections to pension providers while offering a simpler, single API for user authentication and pension data retrieval.
You then have the option of designing your own front-end user interface, or we can handle that for you too.