Open API banking: A ‘How-To’ Guide

Satya Swarup Das

Senior Solutions Architect at Virtusa

Views 1553

Open API banking: A ‘How-To’ Guide

30.10.2017 09:00 am

With the advent of open API banking, professionals across the banking world are steeling themselves for dramatic changes to their value chains and partner ecosystems. These changes call for a radical rethink of the status quo, and highlight areas where the banking industry needs to improve if open API banking is to be a success. As it stands, the banking industry has mixed views on whether open API banking should be welcomed – largely because there’s no clear direction on how to go about it.

Amidst this uncertainty, the EU’s impending PSD2 ruling has offered the closest thing the banks have to an open banking blueprint, making Europe a pilot project for the rest of the world. Yet while there’s plenty of column inches dedicated to the implications of this new ruling, there’s still a great deal of uncertainty around how to make a success of it.

How to get the most from open banking

So while there’s no ‘one-size-fits-all’ approach to open banking, there are a number of key considerations that the banking industry needs to consider if it’s to get the most from open banking:

Data sharing: Given that data sharing sits at the heart of open banking and the PSD2 ruling, banks need to be able to anticipate what kind of data needs to be shared with a mix of different third party entities, Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). To help prepare for this requirement, banks should consider exposing a layer of their data via a 360 degree customer view, extracted from various sources within the bank to a group of third parties.

Data security: Security is at the top of the agenda for most industries, and banking is no exception. To comply with PSD2’s requirements, banks will need to critically examine which security protocols to implement, while creating a policy to govern how and when data should be shared externally – all while considering a mix of data protection regulations.

Management of APIs: Banks need to have an organised API management strategy in place. Under API banking the world is moving from SOAP based APIs to REST APIs. This is a significant change in API protocol that impacts how data is represented, and will require input and oversight, including tools to convert existing SOAP APIs into REST APIs. Bigger banks may have their own in house solution for APIs, some other banks may opt for API management provider.

Testing and publishing: As ever, testing is a crucial aspect of the compliance process. Banks should consider the value of ‘sandboxing’ the APIs they’ll use to expose data – in other words, experimenting with APIs for a specific project in a pre-production environment can help banks predict how well the project is likely to fare, without risking any data.

New business avenues: Open banking and the use of APIs doesn’t just apply to the banks’ existing services. Banks must keep looking for new opportunities to apply their open API strategies – this might even lead to new channels for customer service, or even new business options.

API Monetisation: The successful and frequent usage of open APIs will bring forth new monetisation opportunities. As banks expose their data through APIs, a range of various third-parties will have the opportunity to develop their own services using the banks’ data. For example, retail websites may begin to offer customers the chance to check their bank balance before making a purchase – all without leaving the retailer’s website.

Open banking will portend the next great leap in banking services. While there’s still a good deal of fear among banks that the ability for third parties to build their own services using the banks’ data will relegate banks to mere utilities, open banking should instead be seen as an opportunity. Will the banks really allow themselves to become utilities, or will they embrace a new type of service provider role? The answer rests on how well the banks can prepare themselves – and PSD2 provides the perfect test.

 

Latest blogs

Paul Kasinski Sageworks

What banks can learn from retail disruption

The same degree of disruption that has upended the retail industry is coming to banking, according to Paul Kasinski of Sageworks. “Banking won’t be done the same way five years from now,” Kasinski recently told a group of startups and developers at Read more »

Michael Corcione Cordium

GDPR: 5 STEPS TO COMPLIANCE

The European Union’s General Data Protection Regulation (GDPR) comes into effect on 25th May 2018, with significant fines for non-compliance. It impacts any organization in the EU and organizations outside the EU who sell, market to or monitor EU Read more »

Ruben Salazar Visa Latin America and the Caribbean

Why Do Fast Transfers Work Better within Payment Networks?

Financial authorities and regulators around the globe are looking for new fast payment solutions. International card payment networks like Visa are already offering and expanding these solutions. Fast Transfers in payments networks are transactions Read more »

Elina Mattila Mobey Forum

Quantum Leap: How will banks cope with tomorrow's tech?

Last century, one of most dramatic changes to the banking ecosystem was the integration of digital technology, both with back office and customer-facing systems. Today, we are entering a whole new phase. Customer demographics are shifting as Read more »

Natalia Kharchenko Cleverroad

Finternet of Things: How IoT Can Revolutionize Financial Sector Once And for All

It is not a secret for anybody that the Internet of Things today makes a great revolution in the world. Different types of electronic devices can connect with each other and make life easier and more convenient.  Apart from the common use of IoT in Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App