Written by: Dániel Bagó, Product Marketing Manager, Balasys
The practice of securely sharing financial data, subject to customer consent, through banking APIs gave birth to hundreds of new applications that were previously unavailable.
What is a banking API?
Open banking is the practice of securely sharing financial data, subject to customer consent. The exchange of data between the bank and authorized third parties (such as financial institutions, fintech companies, and enterprises that are not necessarily active within the financial sector at present) is enabled via Application Programming Interfaces, or APIs.
APIs enable the communication of different applications with each other by regulating how different software components interact. We use dozens of APIs each day – in mobile bank apps, in movie streaming services, on various websites, and in electric cars. APIs grant companies opportunities to provide easy-to-use and intuitive services to their customers.
Banking APIs help financial institutions provide modern web-based services and mobile apps to their customers. Historically, banks had proprietary services and offered them only through their own channels. Thanks to the adoption of PSD2 (Payment Services Directive) by the European Parliament in October 2015, this situation has changed forever: PSD2 promoted the development and use of innovative online and mobile payments through open banking solutions.
Open banking APIs allow third parties – like Revolut and Wise– to access account information and initiate payments. These new companies were crucial for developing new apps and services for the customers of traditional banks on top of bank infrastructure. Their impact can be compared to the role of Google Maps API – thousands of mobile services now rely on geolocation data provided by Google Maps. As the number of users of only these two fintech companies has exceeded 22 million by 2022, it is not an exaggeration to say that open banking APIs have successfully shaken the financial system, and transformed how incumbents interact with their consumers, with other banks, and with fintech companies.
Although open banking has brought many advantages to customers, it is not without risks:
What are the benefits of Open Banking APIs?
Open banking APIs bring many advantages to customers:
But open banking is also beneficial for banks and third-party providers:
Examples of Open Banking APIs
Thousands of banks and other financial companies have built various services in the last few years. Here are a few examples:
BNP Paribas is a French international banking group. It is the second largest banking group in Europe, with 190,000 employees. BNP Paribas’s Open Banking Portal enables developers to test and use various APIs in production free of charge. It offers a wide variety of services in addition to the ’compulsory’ PSD2 ones (Account Information, Payment Initiation, and Availability of Funds), such as smart derivatives API or net asset valuation API.
Barclays is a British multinational universal bank headquartered in London. It launched its Open Banking initiative in 2018 and offers various services beyond account information or payment initiation, such as an ATM Locator and Branch Locator.
DirectID is one of the earliest open banking pioneers to use open banking data to offer different credit and risk decisioning services, such as bank account verification, portfolio risk management, and SME financial health.
Although open banking brings advantages for incumbent financial institutions too, it also fosters competition – which is why regulators had to be the key drivers of open banking’s spread. As we outlined earlier, the most important regulation – and stimulant – around open banking is the Directive of the European Parliament and of the Council (EU) 2015/2366 of 25 November 2015 on payment services in the internal market, i.e. PSD2. PSD2 introduced increased competition and innovation into the financial services sector and successfully gave birth to several new customer-centric payment services changing the classic bank-customer relationship forever.
But PSD2 is not set in stone: the European Commission has already announced and launched a comprehensive review of the Directive – the consultation period ended in August, and the adoption of the modified regulation is planned for Q4 2022.
PSD2 is not the only good example available of open banking. In the UK, the Competition and Markets Authority (CMA) set up the Open Banking Implementation Entity in 2016 to foster innovation and competition in the retail banking sector. In recent years, the open banking ecosystem has enabled customers and SMEs to share their current account information securely with third party providers, who then use that data to tailor their apps and services to people’s specific financial circumstances.
The UK and the EU are the most developed countries in terms of open banking, and their development is accelerating further. But without regulations like the PSD2, other countries with advanced banking systems – such as Japan, Canada, or the United States – are only opening their banking services very gradually.
Ez a blogposzt a Creative Commons Attribution-ShareAlike 4.0 International (CC-BY-SA 4.0) License feltételei mellett licencelődik.
Bitcoin account hijacking using OSINT techniques
Researchers at Kudelski Security have managed to break Bitcoin and Ethereum wallets using a novel attack against one of the most popular asymmetric key algorithms of modern cryptography, ECDSA.
Chinese researchers: RSA is breakable. Others: Do not panic!
In a recent publication, Chinese researchers claim that there is an existing algorithm that, even with today's quantum computers, makes it possible to break the RSA algorithm, which is the fundamental basis of secure internet communication. At the same time, there are doubts about the reliability of the publication.