One of the hottest topics at this year’s Sibos conference in Geneva, Switzerland was open APIs (application programming interfaces), and how their introduction is causing concern among some financial institutions, while offering promising opportunities for early adopters. Regulations, such as Europe’s revised Payment Services Directive (PSD2) and others, is driving the move toward open APIs in financial services, and this blog explores some of the key technical issues discussed at Sibos.
Defining the data dictionary and data model
For open APIs to be interoperable—that is, to work effectively among different parties—there has to be a defined (and agreed upon) data dictionary and data model. If the data structure and data elements are not standardized and published, then there can be no standard framework for developers to work against, and every API implementation must then be custom. This is one of the key technical considerations that the banking community must resolve to ensure the quick development of applications and a rapid return on investment.
Once you have agreed upon the data dictionary and data model, additional issues must be addressed. For example, who will own the data model and update it? And, what API calling message structure should be used? ISO 20022, already extensively used in the banking community, is viewed as a good starting point for defining the data dictionary and data model. However, it is likely too onerous for defining the API calling message structure. So, will a new regulatory standard be required?
Balancing ease of use versus security
Balancing ease of use versus security is another key technical issue. Why is Uber successful? One reason is its ease of use. History has proved that consumers will always use the easiest option available. Therefore, for APIs to be successful, they have to be simple and easy to use.
In addition, as cyber threats continue to increase, the new open API economy needs to be made more secure. This can be done by building end-to-end security into applications, adopting a federated identity model, and connecting business services with the payment function, thereby bypassing manual interventions, log-ins, passwords, etc. Biometrics, including fingerprint and iris scans, also will continue to evolve for user access to mobile devices, ensuring higher levels of security.
Choosing the right API platform
APIs are more than opening up core applications to third parties. At run time, a bank needs an API platform to perform load balancing and to monitor and control access and usage. For example, predicting future volumes and peak load timings for consumer generated traffic is difficult, so ensuring that a system can be scaled up and down to provide instant or near instant response times, irrespective of the number of concurrent users, is essential. If the application is not available when consumers try to access it, they will immediately switch to an alternative service and probably won’t return if they get a good experience elsewhere. Therefore, the service has to be quick, easy and almost certainly available 24/7.
How should banks respond?
Recent research published by CGI—FinTech Disruption in Financial Services—shows that both consumers and businesses are seeking more from their banking providers. As digital transformation continues to accelerate across the globe, businesses and consumers will start to look beyond their existing banking relationships and consider moving to new providers, including FinTechs. So, there is increasing competitive pressure in the financial services market.
Historically, early adopters of new technology have often not gained much advantage over mainstream players. However, in the case of the developing open API economy, those financial institutions that embrace it now will have a major opportunity to leap ahead of the laggards and make significant gains in market share. While open APIs are not the only answer to increasing market competition, they are a driver for banks looking to engage in true digital transformation that offers real benefits for their retail customers and corporate clients. Whether providing a new service to assist the mass affluent in making informed investment decisions or giving corporates the ability to integrate their banking into the supply chain, early adopters of open APIs will win and may win big.
For more insight on the open API economy, read CGI’s white paper, “How Banks Can Create Value from the Rise of the Open API Economy in Financial Services.” Also, feel free to reach out to me for further discussion.
About this author
Vice-President, Financial Services
Jerry Norton is CGI’s Capital Markets and Corporate & Transaction Banking leader. He is jointly responsible for CGI’s strategy across the banking industry and is a member of CGI’s Banking Industry Cabinet and its Growth Council, which govern CGI’s global $2bn plus financial services business. ...