If you are involved in the world of finance, the chances are you’ll have heard a lot of people talking about Open Banking recently.
There are a lot of changes coming, which present a host of challenges and opportunities for everyone in the industry. It’s an exciting time.
Much of this revolution is going to be powered by APIs – which make up an absolutely fundamental piece of the Open Banking jigsaw.
And yet, many people in banking still don’t know what APIs actually do.
With this in mind, we’ve created a ground-level-and-up explainer of exactly what APIs are and how they’re set to transform the world of finance.
And if, after all this, you’re still struggling to figure it all out – drop us a line to see how we might be able to help.
What is an Application Programming Interface (API)?
You can think of an API like a very specific language, or set of rules, that allows applications to talk to each other.
APIs are written by all sorts of different companies to send information across their own internal systems as well as to allow third parties to have limited access to their data.
And it’s not just accessing data – as APIs can also be used to actually do things. For example, you can use them to block a debit card.
Open APIs and private APIs
In essence, there are both public and private APIs. And the difference is simply as the names suggest: private APIs are available only to the people who have created them and are intended for private use in internal systems; whereas public – or, Open – APIs are published online for anyone to use.
These Open APIs are the real drivers of innovation, as they allow developers all over the world to have access to information that they can then use to create something new.
So, whenever you see a Facebook ‘like’ button on someone’s website, or a Google map in another company’s app, it will have been put there by somebody using Facebook’s or Google’s public APIs.
These APIs share a small amount of a company’s code with the wider web, so that anybody else can link up with it to do business or share data.
Why do APIs exist?
It’s a far more efficient system than the alternative – because without APIs, any company wanting to share access to its data would need to open up all of its code to the entire world. This wouldn’t just be a huge security risk – it’d be needlessly time-consuming and difficult for developers.
APIs give all developers a much easier way to access the functions they need, without having to wade through the code for the functions they don’t.
How do APIs work?
Any API publisher will typically provide an online resource for developers which shows them how to access it.
At its basic level, using an API simply involves two things: a question (or, API request) and an answer (or, API response). You can use an API to make a request – then it will send you something back. This might be asking for a price, or a logo, or a number, or really anything that can be represented using data.
The information you need, which is stored by the host application, will be on a server. You can ask for a specific piece of information – but you can also change the data that’s being stored. This is what happens when you hit the Facebook ‘like’ button on a website – the information on your Facebook account is updated without you ever having to visit the Facebook site or app. It’s simply done via their API.
And the same is true for banking APIs. Using, say, the Barclays API, a new FinTech app could access your current account information by simply asking for it and providing verification. The app can then use this information to do whatever it is that it’s been designed to do. Maybe it’s building data visualisations for your spending, or making suggestions on changing energy supplier.
Of course, security is vitally important where banking info is concerned. But this is another area that APIs have an advantage – because sharing data any other way would likely involve opening up the bank’s servers to third parties. This is not a position any security-conscious bank ever wants to be in.
Whereas, with APIs, a request can be made using the requisite security clearance, and then only the piece of information requested need be shared. This leaves the rest of the database completely secure.
And for added security – customers who have consented to share their account data are asked again every 90 days to confirm they still consent to it being shared. The consent is also split up into specifics, so no bulk ‘consent to all’ tick boxes.
What are the different types of API?
There are various different types of API that have all sorts of different functions. These include library-based APIs, Class-based APIs, Hardware APIs and more.
But the area most relevant to finance and open banking are Web APIs. The type that we use most here at Contis are a sub-set called RESTful APIs. These are a class of API that are based on HTTP, or, HyperText Transfer Protocol, which is just a specific type of online communication. In fact, it’s what most of the internet we use everyday is based on.
The process of using an API is in many ways exactly the same as typing ‘www.google.com’ into a browser and receiving the google homepage on your screen – as it uses the same basic rules to communicate.
Where can you find access to APIs?
API data is stored on servers – just like the rest of the internet’s data. But the most important thing from the point of view of somebody looking to use them is where the developer information is stored.
Every company that provides an Open API will list the documentation online – and it should be relatively easy to search out.
This API exchange, or developer portal, will list all the documentation developers need to access the API.
When did APIs become so important?
APIs are not actually a new technology – as they’ve been around in one form or another for almost as long as computers themselves. This is because they are simply a way for applications to talk to each other.
But the reason so many people in the world of finance are getting excited about them right now is the rise of Open Banking.
This has all been kick-started by a piece of legislation called PSD2 – or, The Second Payment Services Directive. Sounds sexy, right?
PSD2 is an EU directive that says banks must allow third-party providers access to customers’ information if it’s requested and authorised. This means that startups who have new and innovative ideas about how to help people manage their money can put them into practice without being blocked off by the bank that holds the keys to the information, so long as a verified customer requests access.
And how are these new innovators going to access this account information? You guessed it – via APIs.
All banks are going to have to publish public APIs to allow third parties to access the data they hold. So APIs will quite literally underpin the entire Open Banking revolution. The deadline for all banks to have an Open API published and available is 14th March 2019.
Depending on the way you look at it, this either poses a threat to legacy banks, or a huge opportunity. Those hoping to remain rigid, and make money in exactly the same ways they always have, will almost definitely struggle. But banks that invest in innovation and grasp the world of Open Banking enthusiastically will find there are loads of great new opportunities to create exciting products and open up new revenue streams.
The entire financial ecosystem is going to change beyond recognition as more innovators start building apps and services that give consumers new ways of managing their money. And it’ll all be powered by the APIs that facilitate the flow of data.
Need more information?
Our team of experts live and breathe Open Banking and APIs every day. We love it, and we want to talk to innovators who are thinking about trying something new.
So if you’ve got a question, or just want to talk about a new idea, get in touch for a chat.