Allo Bank's API Strategy: Powering Digital Banking Connections

Digital bank Allo Bank started doing business in 2022. Since then their popularity and usage has skyrocketed. Within a year of launch, Allo Bank was recognized as the most downloaded digital banking app, and it’s already achieved over 10 million customers on its platform.

That means they have to power a lot of digital banking connections in a highly regulated industry. So, what’s Allo Bank’s API strategy for powering all of this? As you can imagine, it involves Kong. At API Summit 2024, Daniel Niko, Allo Bank’s Head of Application Management, shared the full story and some API-first insights others dealing with financial services can learn from.

Allo Bank’s immense API ecosystem

Allo Bank is part of the Citicorp group ecosystem. Citicorp has several business sectors — think finance, media, travel, fashion, food, retail, entertainment, and more — and at the center of these you’ll find Allo Bank powering digital needs with cloud and API services.

"Customers are now shifting in their habits. Everything is moving to digital spaces," Niko said. "The vision is for our customers to be able to use our services from the time they wake up to the time they sleep. The products we have cater to those needs."

Being at the center of an immense digital service ecosystem means Allo Bank has to partner and connect with an incredible number of setups and technologies, each one unique from what Niko's team had configured at Allo Bank. So how could they integrate with the entire ecosystem in a way that was compliant, secure, speedy, and scalable?

The checklist for a successful API strategy

To tackle Allo Bank’s mission, Niko's team knew they had to move to a solution that fulfilled certain checklist items:

• Fit in an API-first architecture: Allo Bank was moving from several monolithic applications to many microservices architected in an API-first manner, and they needed a solution that accommodated this in order to make them future-ready.
• Be able to integrate with their current CI/CD platform comprised of several proprietary systems.
• Support Allo Bank as a local partner in Indonesia, where Allo Bank is based, to assist with initial setup and integration of solutions with them.
• Find plugin-based capabilities, particularly a solution with ready-to-go plugins that could be integrated with Allo Bank’s legacy systems, saving them the hassle of creating new technology for integrations.
• Have an open source version of the solution, as well as training and education options to help them with the platform.
• Be deployable in Kubernetes, which the team at Allo Bank circled for its ability to handle heavy traffic fast and easily.
• Handle traffic spikes as well as integrate into an existing monitoring dashboard. With such a vast ecosystem of services, traffic and requests could come at any moment and be monitored and handled accordingly.
• Provide API security plugins. With this, security protocols could be handled in one place and control all microservices Allo Bank integrates with, rather than having to write them for each one. 
• Have a zero trust mechanism and role-based access controls in its API communications, critical components for an API-first setup in the finance industry. 

That’s quite a demanding checklist. But when Niko's team and Allo Bank took to the market to find a solution that fit it, they discovered Kong could support it all.

"Our previous solution was not agile with these problems. Because we’re a new bank, we’re trying to keep up with the competition," Niko said. "Kong can support all the checklists that we have. We’ve selected Kong as our partner moving forward for five to ten years to support us in our business."

With a checklist of needs for an API-first strategy and Kong chosen as its partner, Niko's team at Allo Bank began executing on their plans with a series of moving and monitoring actions. First, they moved five legacy services to Kong, then monitored and gathered metrics. Seeing great results, they decided to move their remaining services to Kong, about 15 total, and continued to monitor the results.

NIko's team was so satisfied with the results, they sunset their legacy middleware systems and are bringing everything to Kong. “We’re quite happy with the decision that we made,” Niko added. 

Allo Bank’s results with Kong

After switching to Kong to support their API-first strategy and architecture, how have things worked out for Allo Bank?

“We are quite happy with Kong, as seen by the metrics and support we have,” Niko said.

• Over 50 active services in production: After seeing great results with a handful of legacy services, Allo Bank brought all of its financial services over to Kong, and later its internal services designed to support employees. “It’s not a very complicated process to choose Kong for our API-first microservice solutions,” Niko said.
• 70% decrease in transaction cost time: Niko attributes Kong’s available custom plugins for helping adapt their legacy systems to work with new microservices and help their new architecture achieve such a massive decrease in transaction cost time — an incredible accomplishment for the scale and number of services Allo Bank supports.
• 4x the number of transactions served by Kong compared to Allo Bank’s legacy systems. As Allo Bank’s customers have grown to over 10 million, their system — bolstered by Kong Gateway — has taken on the scale in stride. 

“Ever since we moved to Kong, we can support the 4X number of transactions and 10 million customers that we have," Niko said.

Want more insights into how other organizations have leveled up their API strategy? Explore more customer stories or watch Kong customer sessions from API Summit 2024.