Open API banking: A ‘How-To’ Guide

Open API banking: A ‘How-To’ Guide

Satya Swarup Das

Senior Solutions Architect at Virtusa

Views 2552

Open API banking: A ‘How-To’ Guide

30.10.2017 09:00 am

With the advent of open API banking, professionals across the banking world are steeling themselves for dramatic changes to their value chains and partner ecosystems. These changes call for a radical rethink of the status quo, and highlight areas where the banking industry needs to improve if open API banking is to be a success. As it stands, the banking industry has mixed views on whether open API banking should be welcomed – largely because there’s no clear direction on how to go about it.

Amidst this uncertainty, the EU’s impending PSD2 ruling has offered the closest thing the banks have to an open banking blueprint, making Europe a pilot project for the rest of the world. Yet while there’s plenty of column inches dedicated to the implications of this new ruling, there’s still a great deal of uncertainty around how to make a success of it.

How to get the most from open banking

So while there’s no ‘one-size-fits-all’ approach to open banking, there are a number of key considerations that the banking industry needs to consider if it’s to get the most from open banking:

Data sharing: Given that data sharing sits at the heart of open banking and the PSD2 ruling, banks need to be able to anticipate what kind of data needs to be shared with a mix of different third party entities, Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). To help prepare for this requirement, banks should consider exposing a layer of their data via a 360 degree customer view, extracted from various sources within the bank to a group of third parties.

Data security: Security is at the top of the agenda for most industries, and banking is no exception. To comply with PSD2’s requirements, banks will need to critically examine which security protocols to implement, while creating a policy to govern how and when data should be shared externally – all while considering a mix of data protection regulations.

Management of APIs: Banks need to have an organised API management strategy in place. Under API banking the world is moving from SOAP based APIs to REST APIs. This is a significant change in API protocol that impacts how data is represented, and will require input and oversight, including tools to convert existing SOAP APIs into REST APIs. Bigger banks may have their own in house solution for APIs, some other banks may opt for API management provider.

Testing and publishing: As ever, testing is a crucial aspect of the compliance process. Banks should consider the value of ‘sandboxing’ the APIs they’ll use to expose data – in other words, experimenting with APIs for a specific project in a pre-production environment can help banks predict how well the project is likely to fare, without risking any data.

New business avenues: Open banking and the use of APIs doesn’t just apply to the banks’ existing services. Banks must keep looking for new opportunities to apply their open API strategies – this might even lead to new channels for customer service, or even new business options.

API Monetisation: The successful and frequent usage of open APIs will bring forth new monetisation opportunities. As banks expose their data through APIs, a range of various third-parties will have the opportunity to develop their own services using the banks’ data. For example, retail websites may begin to offer customers the chance to check their bank balance before making a purchase – all without leaving the retailer’s website.

Open banking will portend the next great leap in banking services. While there’s still a good deal of fear among banks that the ability for third parties to build their own services using the banks’ data will relegate banks to mere utilities, open banking should instead be seen as an opportunity. Will the banks really allow themselves to become utilities, or will they embrace a new type of service provider role? The answer rests on how well the banks can prepare themselves – and PSD2 provides the perfect test.

 

Latest blogs

Anthony Walton Iliad Solutions

Immediate Payments – Readiness

The payments industry is seeing a massive global surge in the implementation or modernisation of Immediate Payment systems. These systems challenge the status quo, and when used effectively create real opportunities for financial institutions to Read more »

Dr Bimal Roy Bhanu AiXPRT

AI-washing: is it machine learning … or worse?

There are widespread misconceptions about Artificial Intelligence (AI), including its powers and what it can and can’t do. Which means that potential users may have unrealistic expectations of what they will see when they’re presented with AI. For Read more »

Todd Clyde Token

Making Open Banking Pay with a Superior API

The success of open banking will ultimately depend on the difference it makes to customers. It’s one thing for people to be able to see all of their various account balances in one place. But if the process for moving money or managing payments Read more »

Ian Pollard Signavio

Are traditional institutions achieving operational excellence?

Traditional banks are under pressure from regulators and customers to provide a seamless customer experience. The benefits and innovations offered by new digital challenger banks are attractive, with consumers making the switch from traditional Read more »

Heiko Stuber SIX

SFTR: an overnight regulatory reporting headache ten years in the making

Waiting ages for a major regulation to come along, and as soon as it arrives another new rule quickly follows. Before the industry has a chance to fully iron out all the post-MiFID II wrinkles, another regulation comes along. This time, compliance Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel