Torsten Lodderstedt

Dr.-Ing. Torsten Lodderstedt is CTO of, a startup building an identity scheme for banks and their customers. Before joining, he served for a decade in different roles at Deutsche Telekom’s identity team, building and operating large-scale consumer identity services. In his previous positions as consultant and IT architect, he helped customers in several domains (public, banking, railway communication, telecommunication) to implement highly scalable and secure applications. Torsten Lodderstedt received his Ph.D in computer science from Albert-Ludwigs University in Freiburg. Torsten regularly contributes to OAuth & OpenID with a focus on security and architecture. For example, he was editor of the OAuth Security Threat Model (RFC 6819). Currently, he is editor of the OAuth 2.0 Security Best Current Practice (draft-ietf-oauth-security-topics), contributes to OpenID Foundation's FAPI working group, and helps ongoing API standardization initiatives, especially in the PSD2/Open Banking & Electronic Signing spaces, to effectively use OAuth.

Torsten's Session

Thursday, June 27
3:45 - 4:10 pm
PSD2, Open Banking and Technical Interoperability
The Payment Service Directive 2 (PSD2) is a huge leap forward for Open Banking as it obliges every financial institution operating in the European Union to provide APIs for Access to Account Information and Payment Initiation. The need for more then six thousand financial institutions to provide APIs caused a tremendous push forward for financial API design and accompanying authorization and authentication technologies. Based on the experiences gathered while supporting some of the PSD2 API initiatives in the context of OpenID Foundation's FAPI working group, this talk will give an introduction to PSD2 and related technical standards, dig into some remarkable aspects of authorization for financial APIs and points out the potential impact on the future of OAuth.

Enter your details to receive email updates from Identiverse