See what makes Kong the fastest, most-adopted API gateway
Check out the latest Kong feature releases and updates
Single platform for SaaS end-to-end connectivity
Enterprise service mesh based on Kuma and Envoy
Collaborative API design platform
How to Scale High-Performance APIs and Microservices
Call for speakers & sponsors, Kong API Summit 2023!
< 1 MIN READ
Open banking initiatives have taken flight in many economies across the globe. Predicated on the open access of banking data for the overall benefit of customer choice, open banking comes with many challenges — security not the least of them.
Giving customers the ability to easily switch providers of financial products goes a long way towards providing a more open and inclusive landscape of products for customers to choose from, and delivering better customer experiences. Giving customers more choice ultimately results in better financial decisions for the customer, and a broader playing field for the financial institutions competing for their business.
Now, across the globe, both customers and regulators are setting requirements for both transparency and trust to ensure the customer (and their personal data) is protected.
In this post, we’ll talk about embedded finance, open banking, the benefits of challenges of open banking, and how open banking APIs are driving Digital Banking Solutions.
Open banking is the process of banks and financial institutions giving customers access to their data that they can then share with third parties (with the customer’s permission, of course).
Open banking can include the sharing of balances, transactions, and payments. For an example, consider a budgeting or money management app like Mint. It can also include letting third parties initiate transactions and make a payment or withdrawal money from a customer’s account.
Third parties are able to tap into this financial data thanks to APIs (application programming interface) — or pieces of software that let applications talk to each other through a defined set of rules. Open banking is made possible thanks to APIs.
While we’re on the subject of open banking acronyms, these third parties are sometimes referred to as third party providers — or TPPs. (Because is it even a thing if there isn’t an abbreviation for it?)
Open banking is the industry’s attempt at ensuring enough customer data was securely shared with the third parties involved so that a delightful customer outcome such as this one was possible.
Regardless of the geography — and taking into account all of the benefits which open banking brings to an industry already struggling in the face of disruption from FinTech upstarts (more on those open banking benefits in a moment) — the requirements needed to be in place to make open banking a reality appear to be common: opening data with APIs, governance, consent and security. Get those things right and the final requirement; “demand”, comes naturally. If you build it (API), secure it and respect privacy (CDR), and make it easy, they will come.
All of this is made possible by the ongoing development of APIs. APIs are being used to evolve financial institutions into platforms, and they do this by allowing systems that were never designed to be linked to efficiently and securely share data. Banking as a service is driving a whole new era of active participation in the broader API economy.
APIs have existed for far longer than most people recognize. They’ve long been the programmers’ tool of choice for inter-application communication — built by programmers, for programmers — providing an interface and means by which to call each other’s code.
More recently APIs have put on their business attire and become boardroom discussions. APIs are now well defined “products” which represent core business capabilities and access to valuable data across the enterprise.
These modern APIs are well documented, easy to discover and consume, and sufficiently abstracted away from their implementation to be practical and resilient to underlying change. They also became tangible and far more business relevant.
Financial organizations use modern APIs today to modernize access to legacy systems, liberate siloed data, and break down monolithic applications into smaller, easier to manage, easier to scale components in order to rapidly increase their pace of innovation.
Living up to the promise of abstraction and simplification, APIs now provide a fantastic means by which to establish a beautiful front door to what is likely to be a not-so-tidy room. The alluring simplicity of modern API design does a wonderful job of sharing the API’s worth to the business, in the language of the business, and in a way that is relevant to the business. (All whilst keeping the complexity of its service implementation necessarily hidden and protected.)
APIs are a bank’s “enterprise LEGO bricks.” They can be assembled and reassembled at pace and at scale, taking advantage of more business-oriented tooling to compose new applications and deliver new digital experiences much faster than they ever could before.
API success is ultimately what will determine a bank’s (or any company’s) ability to compete and remain relevant in today’s modern digital world.
Banking as a service (BaaS) is making a financial institution’s digital banking services available through a third party’s products. These third parties can then offer customers things like payment services and loans without having to acquire a banking license and meet the regulatory requirements that banks must.
BaaS allows these third parties to pick and choose the digital banking services they wish to use and embed these banking services into their products.
The communications needed to handle BaaS are done securely via APIs. The third party using the bank’s services never directly has access to a customer’s finances — they only act as an intermediary.
Banking as a service is sometimes also called white-label banking or private-label financial services.
Like open banking, BaaS can create new sources of revenue and deliver a better customer experience. And the connections that make this possible are done via financial APIs. But banking as a service is NOT the same as open banking.
Open banking is about access to a bank’s data, while banking as a service is about third parties using complete banking services in their own products.
Banking as a platform is the concept of enabling third parties, such as fintech companies and tech firms, to provide services to financial institutions.
Banking as a platform allows financial institutions to focus on their area of expertise (running a bank) while tapping into technology partners’ expertise (services and software) to deliver better experiences to customers.
Banking as a service (BaaS) is basically the opposite if banking as a-platform.
Simply put, while banking as a-service is about banks letting third parties offer banking services, banking as a-platform is about third parties offering services to banks.
Built on the concept of the API economy, financial institutions are looking at what it means to become a platform. When core banking products can be easily offered by other brands (and even white-labeled to appear like a product from that other brand), it’s possible for both the brand to benefit from a happier, more fulfilled customer and the bank to benefit from potentially a net new customer.
This customer is one obtained via a new route that required very little marketing or corporate effort — with APIs and their economy potentially becoming the digital financial broker.
The APIs facilitating this exchange of value allows the bank to become a platform provider in the market, and allows other brands to find and obtain new customers, all the while driving value and money back to the bank in the process.
The benefits of banking becoming a platform include allowing the provider (the bank) to capture more customers through routes they wouldn’t normally be able to address. They do this by allowing customers and third parties to create and provide business banking services through their own platforms.
There has been an expectation for quite a while now that perhaps some of the larger consumer brands that carry a lot of visibility, engagement, and trust (think: Apple, Google, Facebook, etc.) could offer banking and financial products (indeed, Apple have done this via their Apple Card) without needing to go through all the regulatory hurdles and themselves becomes a bank.
For the consumer, it’s about providing more choice and injecting financial products and services into their lifestyle or workflow, directly in the apps and experiences they already engage with and trust today.
Recently, HSBC announced a strategic move into banking as a-service, which looks exactly like the beginnings of banking as a platform within HSBC. In this announcement, HSBC is partnering with Oracle to embed international payments and expense management services into NetSuite’s offerings.
Using APIs as the core building blocks to exposing banking as a platform allows traditional banks to further modernize their approach to capturing and retaining customers, by allowing other brands and their existing audiences to leverage financial products and services directly within the experience they are already engaged with.
Embedded finance is when financial services meet customers where they are — often at point of sale, offering everything from buy-now-pay-later programs to insurance plans.
Examples of embedded finance include paying for your rideshare transport using the Uber or Lyft app or paying for your breakfast and coffee using the Starbucks or McDonald’s app. The Uber, Lyft, Starbucks, and McDonald’s apps connect the non-financial institution to a financial institution allowing for a transaction that doesn’t require cash or a credit card.
Most readers will likely be familiar with PayPal or Stripe as two good examples of API-led platforms helping facilitate embedded finance.
Banking as a service (BaaS) and embedded finance are related, but they’re not the same thing.
One key difference is that BaaS is the back end — it’s what goes in under the hood that enables embedded finance, which is what happens on the front end. To this end, when it comes to embedded finance it’s normally visible to a customer that the banking services are coming from an external party. (For example, seeing a branded buy-now-pay-later option on an e-commerce site.)
Financial APIs are essential to embedded finance. APIs allow for connections to be made between banks and other financial institutions and non-bank companies.
In an API integration, applications are connected and allowed to exchange data. Financial API integrations enable secure third-party access to a financial institution’s platform.
In the past, non-bank companies had to invest substantial time and money to offer financial services. This would often be accomplished by partnering with banks or other financial institutions.
With financial API integrations, businesses can now easily plug into embedded finance providers and offer the seamless and flexible transaction experiences we’ve come to expect today. It’s not unusual at all these days to see (and expect to see) financial product offerings (insurance, loans, credit) and payment options embedded within a digital experience not at all associated with a bank.
With the goal of delivering an exceptional end-to-end digital experience, brands are taking advantage of BaaS and embedded finance to bolster their digital credibility when it comes to servicing their customers throughout their buying journey.
For traditional financial institutions, APIs are providing access to core banking systems and data in order to fuel these new digital banking experiences, as well as allowing them to expose and offer banking products to an audience beyond the four walls of a bank branch, or even its brand.
For many, APIs form the backbone of open banking initiatives starting to take shape in economies around the globe. When it comes to the FinTech movement, APIs (and the wider API economy) represent a brand-new business model, allowing completely new businesses to be created, almost instantly.
APIs are challenging and disrupting a centuries-old industry. The use of APIs has skyrocketed so much over the last 10 years that API calls are now 83% of web traffic, according to Akamai. Financial APIs make up a growing percentage of that traffic as traditional banks look to digitize more offerings and neobanks grab more market share.
Banking APIs are proving to be the currency of exchange of data between applications and systems, as well as between banks and their customers. This puts the right financial product or service in the hands of consumers exactly when they need it. And it enables the customer’s dream of being able to live more, bank less, and focus on bright and prosperous financial outcomes.
The end result of the open banking revolution will essentially be the decoupling of financial products and services from the underlying systems on which they run. Just as people don’t need to care about the servers powering their Facebook session, they also won’t need to be concerned about which underlying bank is actually powering their financial services.
The obvious benefit of open banking to the customer is rather like financing being sold to a new car buyer. If the customer is offered an “ideal” banking product, in this case financing for the new purchase, in that same moment of proceeding to purchase the new car in the showroom, at a significantly better interest rate, being able to seamlessly take up that offer clearly has a positive impact on the overall customer experience.
Other benefits of open banking could include simplifying the process of obtaining new credit debit cards, allowing budgeting tools to more easily track and manage spending and making switching between banks (finally) a joyful experience.
Open banking’s payment APIs present many advantages over other payment methods for businesses, including better conversion rates and acceptance rates, and overall ease of experience.
Payment APIs also unlock lower fees for merchants — who are regularly stuck with severate fees and costs when accepting credit cards. Payment APIs also eliminate chargebacks (which can hurt companies) and see funds settled instantly (not over days).
A rather recent addition to the payment experience comes in the form of “Buy Now, Pay Later” offerings, which seem to be a real hit with the younger demographic. Wiring these newer payment methods into existing product purchasing journeys helps provide a modern, more relevant experience across a broader range of customers and their payment preferences.
Data which can be shared in open banking might include phone number, email and address, balance information, product rates, fees, features, and transaction details.
Data gathered through open banking data APIs brings many benefits to businesses, including getting a better picture of customer needs to deliver a better customer experience, improved customer onboarding, and reduced administrative work required around compliance processes. Secure, governed access to data like this goes a long way to streamlining the onboarding of new offerings for customers.
While the idea of sharing sensitive information with TPPs may sound like a security risk, open banking is a safe way to process data and payments — protecting both customers and the businesses themselves. In fact, open banking is more secure than cards or other payment methods thanks to customer authentication around each transaction.
Open banking is also kept secure thanks to directives such as PSD2. First proposed in 2015, PSD2 helped pave the way for open banking, positing that TTPS should be able to handle transactions and access data on behalf of customers.
It can seem like a win-win for businesses and customers, but there are some challenges around open banking.
Developers creating open banking applications can come across some challenges, including issues around API reliability and identity management, and the enduring concerns around privacy and trust.
Just because a banking API exists doesn’t mean it will work reliably. This can especially rear its head across third-party applications and configurations. These API performance issues can impair the seamless digital experiences open banking is supposed to offer.
A lack of universality to identity management can also be a problem for developers working on open banking applications — who lack a tried and true way to keep tabs on users across applications. This means developers may have to create their own identity management solutions and make them play well with banking APIs.
With open banking picking up pace across the world, albeit in different shapes and forms, government mandates around compliance and timeframes vary.
Interested in open banking? Kong can help you build your API strategy for 2022 and beyond. Set up a personalized demo today.
Learn how to make your API strategy a competitive advantage.