Integration of open banking APIs: How to do it right

Integration of open banking APIs: How to do it right - IdeaSoft

The financial sector is undergoing a digital revolution. Conservative banks are following modern trends and are beginning to provide third parties with private information. This trend has appeared in Europe. For example, since 2010 the Open Bank Project has been developing a system that supports the disclosure of bank data. It has the support of the largest banks in the country. In this article, we will talk about how to integrate open banking APIs.

Table of contents:

  1. What is an open banking API?
  2. Challenges of integrating open banking APIs
  3. How can open banking APIs be adopted?
  4. How can IdeaSoft help you with the integration of open banking APIs?
  5. Conclusion

What is an open banking API?

Open banking APIs are interfaces that provide access to banking data to third parties. Of course, with the consent and authorization of all parties and primarily users. Personal banking information is transmitted and presented via an API. In simple terms – a list of commands, requests, and responses, with the help of which computer programs exchange information with each other and interact. They force each other to perform specific actions. 

How it works in practice: for example, a person has been using the services of a large bank for years – he or she owns several cards, regularly makes deposits, and maybe even invests. His or her bank is a fairly reliable but conservative market player. This person would like to connect intelligent analytics to their data and get valuable insights into their budget and financial habits. To do this, the bank must grant access to a third-party company that specializes in such intelligent analytics through an open API. The person authorizes the data exchange and gets a detailed summary of their expenditures, revenue, capital, and expected income.

For example, in Great Britain, the Open Banking Standard initiative was launched with the support of the public authorities in 2015. It aims to increase competition and accessibility of services in the financial market. According to the initiative, banks must provide 3rd parties (so-called financial and technical companies) with data on customer balances and access to their current accounts. The principle of the Open Banking Standard became obligatory for 9 of the largest banks in Great Britain, which serve more than 80% of the country’s citizens. 

Investments in open banking projects have increased, especially after increased customer demand for comfortable, remote, and integrated financial services at one entry point. This can be seen in the EU financial market. According to analysts at Swedish Fintech platform Tink, the average investment budget for open banking in the European Union in 2020 was between 50 to 100 million euros.

At the same time, according to the Irish consulting company Accenture, in 2020 7% of all European banks’ revenue (or 61 billion euros) was generated from projects in open banking. Several startups developing open APIs received considerable funding at the start of the pandemic. This was a strong indicator as to the attractiveness of open banking for investors because venture capitalists and funds are more balanced when investing in startups in times of economic instability. 

Based on global financing trends for the sector in 2020-2021, researchers at Allied Market Research (India) made some predictions. They estimate that open banking startups will soon be the fastest-growing FinTech segment with an average annual growth rate of 27.3%. And overall, the global open banking market will grow at 24.4% per year to reach $43.15 billion by 2026. Not surprisingly many companies are now interested in how to adopt open banking APIs. 

You can read our article “Open Banking Explained” to dive deeper into the open banking trend and open banking API development.

Challenges of integrating open banking APIs

Open banking API development makes information about its customers’ personal or commercial accounts more accessible externally through the interfaces. Of course, there are risks caused by using open banking APIs, for example:

  • Inauthentic software. Before providing access to data to third-party software, the software needs to undergo rigorous IT due diligence and quarantine testing.
  • API testing and validation. Open banking can expose customer data to huge risks without rigorous quality assurance.
  • Inadequate SSL validation. SSL certificate validation is necessary to ensure API security. These certificates authenticate users who access the server by exchanging client authentication certificates. Failure to properly validate certificates can result in the theft of API keys, passwords, and usernames.
  • Security. With cyber threats and crime on the rise, it’s wise to verify the software’s authenticity before allowing it to connect to banking information.

Open banking allows third-party companies to access customer financial data via APIs and RTPs, creating a bridge between customers and their financial service providers. The API model involves a financial institution providing an identity token to an aggregator. There are already many cases in the market where a startup’s business model has been partly based on open banking:

  • PayTraq platform helps businesses partially automate their accounting by connecting to the big banks’ open APIs. The system allows people to track expenses, allocate budgets, and monitor payroll.
  • Capital on Tap service offers small and medium-sized enterprises to take out loans under a simplified scheme. Using banking data, the company evaluates the client’s trustworthiness and can make faster decisions on loan requests.
  • Your Company allows companies to accumulate data from different accounts in different countries on one platform to manage finances more efficiently.

Startups also use open banking APIs in the crypto world and gaming sectors. For example, the Blockchain.com platform allows people to deposit money into their cryptocurrency wallets directly from their bank accounts without entering extra data. Another case is the Klarna payment service and Safello, a brokerage platform for crypto traders: users can buy cryptocurrencies in a couple of clicks.

Analysts at McKinsey believe that open banking APIs will benefit small players. Free access to financial information will increase GDP by 1.5% in Europe, Britain, and the United States. But it is not easy to obtain data. For example, in Europe, a company needs a license from the Financial Conduct Authority (FCA) or another regulator to get on the register of approved services and personal access data. Currently it isn’t always clear for many companies how to integrate open banking APIs.

How to adopt open banking APIs?

The components of successful open banking API implementation are the purchasing of  licenses, software installation, security compliance, understanding of the strategic direction, and development of the API by an innovative software development company. Business intelligence is the driver of open banking API development. Open banking does not mean providing products for free, its application must have a financial component. Even banks are advised to develop their own set of APIs for regulatory functions and to generate income.

The process of API development and integration:

  1. Terms of Reference. Data is gathered about the application and the customer’s requirements to achieve the necessary results.
  2. Development of the API server. This involves writing program code to form secure access to the data transmitted to the clients.
  3. Application identifiers. Represents a secret code to protect the server from tampering.
  4. Interactive documentation. Writing technical documentation with examples and tutorials allows other developers to interact with the API platform.
  5. Integration. This includes writing tool libraries and the standardization of codes in programming languages.
  6. QA and testing. A planned and systematic process ensures that a software product is tested to meet customer requirements and expectations.

It is mandatory to create a strategy. This includes consideration of business goals and objectives (how the service will be developed, what products will be in demand) and the technical side of the issue (how to version it, ensure backward compatibility, development, content, use of unaffected functionality). An important aspect of APIs is usability.

Fundamental aspects for the development of an organization’s API strategy are studying the business and IT landscapes. It is necessary to perform hypothesis generation and testing, define target audience segments, form and prioritize the hypothesis pool, and identify user needs. Then you need to handle the selection of priority scenarios, determine the conditions for partnerships with external companies, work out the models of monetization and tariffing, and make a list of necessary APIs. Then the requirements for the project’s further development are formed, the key risks are identified, and a roadmap for the project’s implementation is created.

How can IdeaSoft help you with the integration of open banking APIs?

Trends in the development of open banking APIs suggest that the development of mobile applications for fintech businesses is already relevant. IdeaSoft clients from the financial sector are already showing interest in this direction and are exploring possibilities for developing multi-bank applications using open APIs. IdeaSoft`s experience in fintech development allows us to implement such solutions.

The specialists of IdeaSoft will choose the best option for your integration – with the help of a third-party (ready-made) or custom API. We will do several things for you which include: analyzing your requirements, drawing up the requirement specifications, writing the code, providing protection against unauthorized activities, completing the integration and verifying that everything works correctly. If a custom developed API-server option is chosen, we will write clear instructions with examples of how to use our integration.

The cost of full development and integration of API solutions is calculated individually and depends on the complexity/scope of work. The deadline for such a task is at least 30 days.

The fintech industry is an area that requires the most remarkable accuracy and security in all operations. When choosing a company for the integration of open banking APIs, you should pay attention to many factors, such as: experience, approach, values, expertise, and cost of services. And we fit all these criteria.

Feel free to check our Fintech solutions page and contact us directly to discuss your project. Our managers will advise you, answer all your questions and explain what to do next.

Conclusion

Open banking API integration is the link that binds technological developments together. There is currently a booming market for API integration and API integration tools. The API development and integration process consists of developing Terms of Reference, API servers, application identifiers, interactive documentation, integration, and QA and testing.

The two main approaches to the API creation are regulation and implementation. This is a market approach when financial regulators do not force the introduction of open banking, and market participants perceive this system as an opportunity for additional income. This is the situation in the United States, Canada, New Zealand, China, Singapore, Sri Lanka, Switzerland, Turkey, and UAE. 

The second approach is when the regulator (for example, the Central Bank) issues legal acts and regulations, obliging market participants to provide access to their services. An example of this regulation is the obligation to provide open access to certain services, initiate payment transactions within the bank, etc. This approach is used in Australia, Brazil, European countries, India, Japan, and Great Britain.

Viktor Legetsky
Viktor Legetsky
Managing Partner
Subscription

Subscribe to Newsletter

Subscribe to IdeaSoft newsletter — be the first to get blog updates and IdeaSoft news!

Not subscribed, because of server error. Try again later...
Successfully subscribed!