Table of content
Open banking is the voice of the town these days. Banking experts forecast an up-and-coming future to open banking, while tech experts call it one of the most disrupting technologies in mobile banking.
But when it comes to particular fintech app development, many questions remain unclear. These are the questions I hear the most from clients:
- How can I use the open banking API to build a fintech app?
- Where do I get the open APIs?
What is Open Banking?
Open banking API is a technology that describes the process of data-sharing from big banks to other companies and startups. This data enables these startups to build a new product in a much easier and direct way.
Open banking API is not a new concept. Uber was also born out of the combination of maps and location API shared by Google. Likewise, Mark Zuckerberg built Facebook based on the data of names, ages, and universities. In the same way, an open banking API can become a starting point for hundreds of breakthrough startups in fintech.
For example, you would like to build a startup that would make financial analytics and give valuable insights on financial management. Good news is that you do not have to build a bank for such an app. You can use the bank's transactions’ information for further analysis and usage.
Or what if you want to build a product that would aggregate in one app accounts of different banks, making financial management simpler? In this case, the open banking API is also a great tool to simplify this process.
Open banking in EU
APIs are gaining big importance in the EU financial sector. The EU adopted the Payment Services Directive (PSD) and PSD 2 in 2007 and 2013. The directives allow banks to open their infrastructure to third parties via API with proper data production and security.
Once the initiative was adopted, it did not take long for the results to come. Surprisingly, the United Kingdom, the country with the most conservative banking system, took the lead in implementing the open banking initiative. As a result, from 2018 to 2020, the number of API call volumes has increased from 66.8 million to nearly 6 billion.
As a result, the UK financial industry has moved on from the stale point. The initiative increased the competition and efficiency in banking and opened the way to innovative fintech projects. About 2.5 million UK consumers and businesses use products based on open banking API to manage their finances.
Here are just a few products born out of open banking API:
Open banking in USA
Unlike the EU and UK, the US lags behind in open banking adoption. So far, there is no regulation on this issue in the US. However, when it comes to US companies carrying out their fintech businesses in Europe, the EU open banking regulations also become relevant.
So far, such big players as Bank of America, Citi, Wells Fargo, and JP Morgan Chase are a part of Nacha’s API standardization group, Afins. These banks and several payment providers are working together to standardize payment-related APIs. So not even being under strict open banking regulations, US banks abide by these regulations.
This is why the question “How to integrate open banking API into a fintech app” is relevant for US banks too.
What is Open API?
Now it is time to answer the critical question: what is an open banking API?
First of all, this is an abbreviation that stands for “application programming interface.” This is a collection of codes and protocols that define how program components should interact. API helps different apps interact with each other.
Data brought by API
For years banks have collected data about users’ transactions and expenses. This information brings minimum value for banks – just a stockpile of data. This could be the information about:
- Location of banking branches,
- Details of certain banking products;
- Transactions’ data;
- Mortgage payments;
- Electricity bills;
- Travel expenses.
At the same time, this data can be a valuable resource for many startups. Thanks to API-sharing, startups have an opportunity to safely use this data to create new products and increase the quality of human lives with the consent of the user.
Parties of Open Banking API
Usually, there are three parties in the process of open banking API:
- API provider (for example, Open Banking Limited);
- Startup as a third party.
The banking institution shares the necessary data (once there is the users’ consent) with the API provider. Then, the API provider builds the protocols that automatically transfer the information to the third party – a company that is about to create a product ased on the shared data.
If you are making an API-based application, you need to contact both parties – the bank and the API provider.
Benefits and Risks of Open Banking API
The fintech industry is one of the biggest beneficiaries of the open banking API. Indeed, open banking gives ground to many fintech initiatives, which benefit both users and businesses.
Benefits of open banking for businesses
- Startups can create new products, like mobile apps in which bank clients can plan their finances, manage credits, invest money and get financial advice in chat. Most traditional banks do not offer such services in real-time, which means startups will successfully take this niche.
- The big data extracted in the process of the financial analytics and clients’ behavior can be used to create more customized services;
- Open banking API provides a more convenient approach to work with financial instruments, more comfortable interfaces, and different analytical data for better financial management. The user will not have to open dozens of apps to check on their finances. One app will combine all the functions.
- Faster processes of all the services. Utility bills and other payments can be provided via a single app and take only one authorization.
- Lower fees for financial services because of the bigger competition on the market.
Risks of open banking API
Open banking API works closely with user data. Unfortunately, all services dealing with user data are not 100% safe from leaks or fraudulent intrusions. However, it does not mean that such apps should not be built. It means that such apps will require increased security measures, as compared to other types of apps.
Why is API-Sharing Safer than it Seems?
At first, it seems that API-sharing is risky, as it involves sharing sensitive user data. However, API-based app development is no more dangerous than any operations with user data. The reason for that is the consent of the user to share the data.
For example, the user is buying a new smartphone in an online shop and wants to contract an installment credit right away. Once the consent is given, the payment service connects via API to the bank and gathers the information about the client to assess the level of risk:
- Transactions’ statistics;
- Attestment of stable income;
- Assets’ value.
The whole process may take up to several seconds, and in no more than two clicks, the user contracts the installment credit.
Along with API-sharing goes an alternative method of data-sharing – screen scraping.
Compared to open banking, screen-scraping is a more aggressive information collection method. Via screen-scraping, the user did not only share their part of personal data. They would share their login and password to allow the third parties to enter the account on behalf of the user. This practice is more harmful to users’ data, and open banking API is a much safer alternative.
How can Startups Use an Open Banking API for New Products?
There are numerous ways in which open banking api can help cofounders. Here are some of them:
Financial management apps
Using the open banking API, you can build mobile fintech apps that collect data from users’ different accounts and make valuable insights for better financial management.
Another type of open banking API-based app is a lending app. Such an app would allow users or companies to get loans simplified. Using the data from mobile banks, the crediting company can check the reliability of the user in seconds and decide on providing or not providing the loan.
Example: Capital on Tap
Simpler Payments for Ecommerce
Another way open banking can make users' and businesses’ lives simple is by simplifying the payment process on e-commerce websites. Payments on such sites can be complicated. For example, when you purchase something online, the retailer sends a request to an “acquirer”’, such as WorldPay or Global Payments, which sends a request to Visa or MasterCard. Only then the payment happens.
Open banking makes it possible to process payments directly from the account, which is quicker and cheaper.
What are the Basic Security Rules API Providers Need to Follow?
The issue of security is one of the restraining factors that keep many jurisdictions from implementing the open banking initiative. However, as I indicated above, API integration can be secure and safe if implemented correctly. Moreover, certain countries handle these risks by introducing minimum regulations on data protection.
For example, the EU sets specific requirements for third-party companies who are going to use the API:
- Data minimization: third parties can only use so much data as they need to provide their services;
- The use of data is only allowed after the explicit consent of customers;
- Such consent can only be taken under certain conditions;
- Third-party companies should comply with all due diligence regulations.
What’s Next for Open Banking?
At this point, countries that lag behind in open banking API risk falling behind in global markets as well. So in the years to follow, there is expected to be exponential growth within an open banking API.
Another trend expected to appear is the growth of PISP (Payments Information Service Providers). This is going to add much flexibility to how retailers process their payments. It most possibly displaces card payments and gives more flexibility with no commission.
Open banking API opens many opportunities for building fintech products and services. However, API-based app development requires much effort and attention to detail. Moreover, you will need to communicate with the bank and the API provider.
Uptech has experience working with a US company on a project involving open API integration, so we know how to do it step by step.
Contact our sales manager to talk about your idea.