Open API Framework in the Banking Landscape: Threat or Opportunity?
To keep pace with the technological developments, to comply with the new regulations, and to remain competitive in the finance industry, banks must find digital partners to innovate and redefine their ways of working. The regulations started to demand the transition to a more digital and innovative online systems through open banking. For such a conservative industry thriving to protect the customer data traditionally, this means the breakdown of a whole belief system. With the introduction of open banking systems, the definition of the relationships among banks, their customers, and partners has changed. While some see this change as positive and inevitable for an evolution towards digitalization for the banks, others see it as a negative impact on the industry and customers.
The API Journey of Banks and Creating a Business Value with Different Approaches
To its most basic definition, an API is a technological enabler made up of commands and functions to operate a specific program by another program.
In the banking world, APIs are used for several purposes like application integration, banking as a platform, innovation, and client connectivity. As the regulations and new customer needs evolve, open banking has had to grow steadily. The role of APIs in this new evolving system is to make sure that the banks and the third-party firms collaborate with each other for the sake of innovation.
To be able to access banking services, customers are required to enter their data manually to a web-based or mobile platform to reach balance and transaction data. The role of APIs here is working as a new connectivity channel to enable programmatic access to financial information like accounting packages, treasury management systems, and ERP platforms.
So, the APIs serve as an excellent opportunity for banks to build a business value while adapting themselves into the digitalized world. There are four main approaches to unlock business value with application of APIs:
- APIs for Integration:
To be able to create a comprehensive connection between the traditional processes with the new digital, mobile, and cloud-based applications, APIs, microservices, and web services aim to achieve a decomposed integration layer with which they encapsulate the legacy systems to enable legacy modernization. To have a modernized legacy system, there are a couple of ways referred:
- Standardization of web services and APIs
- Using Representational State Transfer (REST) APIs for the main system
- Creating microservices architecture for APIs
- APIs for Banking as a Platform:
Banking as a Platform (BaaP) or Banking as a Service (BaaS) is when a bank acts as an infrastructure provider to external third parties. APIs provide advantages both for the BaaP providers and consumers. For the providers, there are the possibilities of monetizing the state-of-the-art technology abilities, achieving indirect reach to new clients, enlarging the product distribution network, and developing new products for finch purposes. As for the consumers, better banking licensing, time to market, compliance in regulations, and state-of-the-art technology capabilities are among the advantages.
- APIs for Innovation:
As the driving force of regulation compliance, new customer demands, and the pressure of finch firms increase, open banking started to grow automatically, and the APIs make sure that banks and the third-party firms are working in collaborative ways for innovation.
For a successful innovation process, APIs require a good internal and external developer communities so that APIs need to be easily found, used, and developed.
- APIs for Client Connectivity
In addition to banks adopting APIs to innovate and modernize their back-office connectivity, they also started to use APIs for transaction processes with the massive increase in the number and volume of transactions flowing externally. However, the real potential of the APIs, are even bigger than batch processes for payments by turning daily reporting into real-time reporting.
Before APIs, the treasurers needed to log into the bank’s online portal to be able to see and check some specific transactions. Now, APIs provide momentary visibility of payment details and electronic account management.
As a result, it is possible to say that APIs create a more connected client experience by:
- Modernizing the data exchange in between the banks and the third-party partners
- Enabling real-time information flows
- Offering an instant and non-intrusive processing
What are the threats?
While the support for the open APIs framework in banking seems to be higher, it is not unanimous. There are also concerns for adopting this system, which include ideas like “Only the tech-savvy will be able to benefit from it” or “It creates a danger of exploitation of consumers and misuse of data”.
When financial institutions make collaborations with Third-Party Providers (TPPs) and disclose APIs to them, the risks of illegal transactions, data leakage and tampering emerge. It is a fact that APIs can be misused if the necessary precautions are not taken.
Also, the TPPs can carry the risk of tampering or leakage of user data.
These risks are of course noticed and addressed by financial institutions, TPPs and also users. As a result, the solution was to move from Legacy Authentication: scraping method to API: token authentication.
Token authentication is basically a security technique that authenticates the users who attempt to log in to a server, a network, or some other secure system and creates a token (data) showing the amount or range of data to provide to the TPPs. It is a method for the transaction of data between the banks and the TPPs.
In comparison to the older legacy authentication method, the financial institution is responsible for the information system upgrading. For users, on the other side, there is no need to register their ID and password to the TPPs and also the data accessible for TPPs is controllable.
So, it is possible to say that an open banking system with APIs involves a lot more advantages and opportunities for the finance industry than the threats. Despite the challenges and concerns, thanks to the innovative and technological developments and solutions achieved with APIs, an evolving financial reform and value chain revolution seem to be thriving in the open banking world.
Fineksus offers a global SaaS platform for Fineksus products and solutions. Fineksus consultants would be pleased to help if you have further questions and a need for financial technologies. Contact us to learn more about the solutions.
Selcuk Yavuz, Software Development Team Leader