Srini Chandrasekharan
Roadblock Title:
The Security-UX Tradeoff: What We Learned Building an Open-Finance Product
Time:
Tuesday - 3:00 PM (Windows)
Abstract:
Every open-finance integration is a negotiation between three things: the friction your users will tolerate, the risk your company will underwrite, and the regulatory guardrails you don’t get to move. As a developer, you feel all three in the same place: your integration code.
We’ll open the hood on Connect Components, Mastercard Open Finance’s self-hosted integration path, which offers REST APIs plus embeddable front-end SDKs that include sandboxed iframes for credential entry and MFA challenges. We’ll walk through the architectural calls we made, including one we knew would have developers asking why can’t I just POST the credentials myself?
We’ll also cover the OAuth versus legacy dual-path design, how responsibility splits between the SDK and your backend, where we exposed hooks versus deliberately didn’t, and the event and error semantics we shipped (and the ones we regretted).
You’ll leave with patterns for embedding third-party auth, a mental model for the trust boundary, and the v1 calls we’d revisit.
Bio:
Srini Chandrasekharan is Vice President of Product Management at Mastercard, leading Global Platforms and Global Products for Open Finance. He is responsible for driving platform strategy, innovation, and global market expansion, with a focus on scalable Open Finance platform capabilities, data-driven products, and consistent customer experiences across markets.
