Getting to grips with open API standards in financial services

Getting to grips with open API standards in financial services

Ross Mason

Founder at MuleSoft

Views 3905

Getting to grips with open API standards in financial services

23.06.2015 01:00 am

The Government has made spurring the growth of the UK's financial technology sector a priority for 2015. After reviewing the responses to its recent Data Sharing and Open Data in banking report, it is committing to delivering an open Application Programming Interfaces (APIs) standard within two years. It’s a decision savvy banks will welcome because customer demand for change has already grown to such proportions that require banks to act. Delivering an open API standard in two years is feasible, but banks must temper the speed of developing and launching new apps with both the need to protect customers’ information against cyber attacks, and overcoming technical limitations of legacy systems.

APIs allow two pieces of software to interact, and enable developers to leverage customers’ data - with their explicit permissions - in innovative ways. For instance, customers could use a smartphone application to see how much money they spend on food and how that spending fluctuates every month.

The open API for banking would allow authorised applications to access information about consumer financial data so that  new applications and services for consumers can be easily developed.

This innovation can also bring significant business benefits to the banks, and in fact, some have already launched open API and app store initiatives. Sixteen UK banks and building societies collaborated to offer Paym, a P2P payments service using the UK’s Faster Payments network. Another group of banks backs Zapp, which integrates into their existing mobile banking apps to enable P2P payments, mobile online shopping and Bill Pay.

The Government opened its Call for Evidence on Data Sharing and Open Data in Banking for four weeks in late January, and received over 40 responses from stakeholders spanning the financial services industry, consumer and business groups and the fintech community. The summary report, available for download here, concludes:

“It is clear from the vast majority of responses…that the benefits of an open API standard are numerous and widely recognised… it is evident that an open API standard can be designed in a way which meets requirements around data protection and security, and at reasonable cost. The majority of respondents also said that developing an open API standard to a timescale of one to two years would not be unreasonable.”

While the proposed timeframe is not “unreasonable,” banks do face substantial monetary and technical challenges.

The primary cost for banks will come in the work required to open and connect data from their proprietary, ‘locked-down’ applications in the format the API standard demands. The new open data standard introduces new business requirements for banks to connect multiple, siloed accounting systems to serve that data standard through new connectivity and integration tools. The data would need to be cleansed and standardised, with each bank facing its own challenges since each bank’s infrastructure varies widely.

Another practical issue is the development timelines. Banks would need to budget, design, staff, develop, and test data feeds – work that can easily consume two years.

From an information security standpoint, the open API standard needs to exceed financial services industry standard best practices. The minimum standard for online banking is two-factor authentication, and I recommend adopting an approach that authenticates all three parties in an API call (bank, third-party provider, and bank customer) and encrypts data at rest and in motion.

Appropriate sharing of banking data will benefit consumers by increasing competition, transparency and the development of innovative technology tools. The first critical step is to clearly define the critical success factors, business objectives and business model for the Open Banking API Standard. Additionally, the Government should engage standards bodies such as the International Organisation for Standardisation (ISO) that has experience with financial standards, and revise current banking regulations to enable banks to participate and benefit from opening data sharing.  

These are exciting times for the banking sector. By adopting an open API approach, banks have the potential to transform their businesses, to the benefit of customers and the wider financial services community alike.

 

Latest blogs

TYRON JONES n/a

How Technology Has Disrupted the Used Car Buying Experience

We’ve seen many fields change rapidly as a result of the integration of modern technological advancements over the last couple of decades. And it looks like more is coming on the horizon as well, judging by current trends. One of the markets that Read more »

Shuvo G. Roy Mphasis

Reboot 1.0: How financial services technology can enable the supply chain to support a post-lockdown boom

Ground control and Captain Tom When veteran Captain Tom Moore decided to walk one hundred laps of his garden before his 100th birthday to raise funds to support NHS heroes battling Covid-19 from the frontline, he never imagined that he would Read more »

Lisa Gutu Salt Edge

Building a PSD2 compliant channel: challenges and opportunities for financial institutions

PSD2 obliges ASPSPs including banks, e-wallets, prepaid cards and other companies that offer payment accounts to provide at least one channel for secure communication with third party providers (TPP). Even neobanks or e-money institutions, including Read more »

Thomas Pintelon Capilever

Credit origination - A lot of innovation on the horizon

While consumer credits are becoming more automated and user-friendly to request, all other credits are often still very manual and labor intensive to originate. In this (relatively long) blog I will try to give a description of the (potentially Read more »

Kelly Kearsley Hourly.io

Time Card Theft is a Big Problem. Here's How to Stop It.

Trust is at the core of every employer-employee relationship. You trust your people to do their jobs, and they trust you to compensate them for their work. Most of the time, it works. However, there's always the person looking to bend the rules or Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel