The Fubon Financial team looked to API management as a way for their business to build a modern technology foundation in a reliable and scalable way. However, the team soon realized that not all API management solutions were created equal. With several subsidiaries yielding unique deployment requirements, it became a top priority to identify a lightweight solution that could offer their business the deployment flexibility it needed.

"Many API management solutions today are often highly system-integrated with a single gateway for reporting and monitoring. We were looking for a solution that offered more deployment flexibility so we could use it across disparate environments," says Su Chingwei, Chief Information Officer.

As a large financial institution with many subsidiaries, Chingwei and the team also struggled to find a solution that could meet the requirements of their many business units. They required a federated approach to API management that allowed subsidiaries to be autonomous, to allow for their own operations and scalability, but still needed the platform team at the parent company to enforce centralized policy and governance across the whole ecosystem.

After reviewing many different solutions, Fubon Financial selected Kong as its API Management solution of choice. "Many of our subsidiary companies had already onboarded Kong. Kong's deployment flexibility paves the way for our subsidiaries to operate across legacy and modern environments while expediting service integration and strengthening our connectivity," shared Chingwei.

Kong provided Fubon Financial with the ability to provision API governance in a centralized fashion across the entirety of its business, no matter which environments were being used by the various subsidiaries. As Chingwei said, "Configuration and implementation can be standardized and governed by Kong to achieve unified management. Each of our subsidiaries can now effectively manage their own operations while still keeping their records local and focusing on their core business objective."

Before Kong, Fubon Financial relied on a physical firewall IP configuration to maintain the authentication and authorization of its systems manually. This was an extremely complex and error-prone process. Now Fubon Financial leverages Kongs plugin architecture to mitigate the security risks of its external Open APIs while scaling operations across Asia without compromise.

With subsidiary autonomy and parent company central control and management, it helps to expedite API service development, facilitate audit, and define security control policies and specifications. "Kong's API platform security and governance capabilities (for example, authentication and authorization) enhance Fubon's overall security posture," says Chingwei.