Open Banking Amplifies the Need For Definition Driven APIs Posted in Open Banking Saoirse Hinksmon April 17, 2018 In today’s global economy, it’s no secret that consumer power is growing. Organizations all over the world are rethinking their digital strategies to maximize their customer focus and engagement. In fact, customer engagement is the catalyst that jumpstarts digital transformation, mobile first, and other strategic initiatives that aim to bring legacy systems into the modern digital age. To accomplish these initiatives, many companies look to APIs as the primary building blocks, rapidly increasing the number of internal, external, and partner APIs they rely on for business critical transactions. A tangible representation of consumer power and API growth lies in the acceptance and promotion of the Open Banking Standard. In recent months, Open Banking has been the buzzword for FinTech organizations all over the world. The Open Banking Standard tackles concerns for more institutional transparency and more options for consumers when selecting banking services and providers. Under the Open Banking Standard, banking data is shared through secure open APIs to promote consumer control and lower barriers of entry into a market that historically has been difficult to break into. With the promise of a cultural revolution, Open Banking Standard requires financial institutions to expose APIs for consumers and vendors alike. However, creating and exposing public facing APIs to a variety of consumers would require standardization to ensure that people are able to understand what the API does and what information it is supposed to return. The tricky thing about creating and deploying valuable APIs is that they need to serve both human and machine needs, both of which are inherently different. Humans prefer more instinctual, easily understandable instructions, while machines require more explicit, logic driven instructions. Implementing an API standard that both humans and machines can understand, especially with the lens of Open Banking, is essential to finding long-term success with exposed and internal APIs. Adjusting Practices With The Shifting API Landscape As financial organizations increase their reliance on APIs, a variety of different challenges arise. We’ve mentioned the challenge of designing an API so that both humans and machines can understand their functionality, but the challenge does not end there. Some of the hindrances that can impact API development and growth include: Collaboration Quality Scalability Availability Performance Security Compliance With the mounting challenges, organizations also have to keep in mind that practitioners sometimes have different needs from stakeholders, and striking the right balance between practitioner and stakeholder requirements is the only way to progress as an organization. So how can financial organizations manage all these factors, while maintaining a good balance for practitioner and stakeholder needs? Use OpenAPI: Take a definition driven approach to API development Share responsibilities: Ensure quality is a shared responsibility for Dev, Test, and Ops teams API Virtualization: Consider using service virtualization to accelerate development. Keep iterating: Monitor end-user experience and performance in pre and post production. How OpenAPI Specification (OAS) Accelerates API Development In Definition Driven API Development, you design the API definition first before any other lifecycle operation. The design of the API’s interface, requests, and responses are finalized before other lifecycle functions, like building the API’s business logic, or testing the API for errors or defects. The definition-driven approach brings with it some great benefits, such as better developer experience, team collaboration with independence, and a faster go to market time. All these help create a consumer-centric approach to API development. The OAS is to REST what WSDL was to SOAP, providing a common framework that designers, developers, testers, and devops teams can use to build and maintain APIs. The specification offers a set of rules to build and implement a REST API, is language agnostic, and is both human and machine readable. OAS offers a way for all stakeholders to discover and understand the capabilities of a service without requiring access to source code, additional documentation, or inspection of network traffic. For financial institutions specifically, this framework can help bridge the gap between consumers and institutions, without requiring additional effort from either party. Adopting this framework can help re-frame any negative consumer perception of exposed APIs; It can help break down the technology barrier between consumers and banking providers and build trust with end-users, all of which will be increasingly vital for finding success with an Open Banking initiative. For more read: The Importance of APIs for Payment Platforms Supporting OAS Throughout the API Lifecycle Instilling Quality in the Organization Typically, software teams are segmented by responsibility, although now, there is a shift to make teams more interoperable. Sharing responsibilities with explicitly defined metrics empower teams to collaborate, while maintaining responsibility and accountability. Sharing Quality metrics can help promote rapid development cycles, reduce the amount of bugs, and ensure that the APIs pushed to production retain their quality throughout the entire lifecycle. Service Virtualization Rather than mocking and sandboxing, which can limit how many scenarios can be tested at a time, service virtualization empowers teams to use virtual services instead of production services, enabling frequent and comprehensive testing even when key components are missing from the system architecture. It is especially useful in the development of complex cloud, API, and SOA-based systems, as well as at any point in a production cycle where important hardware and software components aren’t readily available for testing purposes. For API design and development in the financial industry especially, service virtualization offers a variety of benefits: Rapid creation Virtualization can be pre-packaged, modified, and reused Is not heavily manual Import real data into tests for more realistic results More and more companies are using service virtualization to improve productivity, reduce testing costs, and deploy higher-quality software in a shorter timeframe. In addition to emulating major software applications, third-party services, and even whole backend systems, the virtual assets can also be reliably shared and used by the entire production team, facilitating more efficient parallel development practices. Read More: 5 Benefits of Using Virtualization to Test Your API Monitoring End-User Experience in Pre and Post Production For most companies, API monitoring is a relatively new concept. However, for companies relying on APIs for business critical transactions, understanding the availability, performance, and functional correctness of their APIs is paramount for their digital experience delivery. Monitoring key API transactions, whether they are a simple endpoint call or APIs called in sequence, allows organizations to have full visibility into how their APIs are behaving. Identifying performance problems, remediating issues, and fixing functionality mishaps is easier than ever when you choose an API monitoring tool that can reuse functional test scripts and OAS files, and perhaps even natively add new chained API transaction monitors. Another trending strategy is to monitor APIs in pre-production environments. These monitors do not replace testing efforts, but rather complement the testing process. Pre-production monitoring offers benefits such as: Ensure that any new updates or changes will not break the monitors in production Gain a view of performance from an on-going perspective Capture performance and functionality metrics outside of the specific test case Insight into the state of your test environments themselves, so you can maintain the environment stability For more on OAS tooling, read our Review of Swagger Inspector Final Thoughts – Drive Open Banking API Strategies with OAS The implementation of Open Banking and PSD2 will only serve to heighten the pressure financial services feel to create and deploy new or additional public facing APIs. Fostering trust and transparency with both practitioners and stakeholders is only the beginning of the challenges teams will face in trying to craft great APIs, but using a framework like OAS can help streamline consistency and collaboration. Thanks to a vibrant community, many tools are available to support OAS defined APIs from development to deployment, make the adoption decision clear and the transition easy.