An Application Program Interface (API) is a piece of software that allows two or more applications to connect and communicate with one another.
Once this connection is made between software applications via APIs, data can be shared and new functions can be performed by applications based on the instructions contained in the API.
APIs operate by acting on a pre-defined set of inputs and outputs – one common approach is a request and response process to complete a particular action. For example, think about your credit union’s website. You probably have a “branch locator” tool that allows members to find the branch nearest to them using an interactive map. An API helps to facilitate that, pulling data about your branches and likely leveraging Google Maps APIs to display a searchable map.
APIs are essential for businesses to scale their technology infrastructure, as the ability to build connections between applications allows you to quickly add new features and functionalities to your existing technologies without the need to understand how another piece of software works.
Using API documentation, developers can simply follow the instructions on how to build those requests and anticipate what response will be received, allowing applications to talk to each other. You can create this connection using APIs and don’t need to understand the nuts and bolts of how that secondary software is built or coded – you can simply begin accessing its capabilities through the API. A good API should abstract the complexity of the underlying system away from the user of that API.
Without APIs, businesses would need to build every new functionality they want to add to their existing systems from the ground up. As you can imagine, the cost and time required to do this would be immense, and APIs simplify this process.
The Business Models of APIs
APIs help to drive business outcomes. How your organization uses APIs depends on the kind of outcome you’re focused on. APIs can be used both within and outside of an organization to help drive the kind of value the business is providing.
Virtually all businesses use some sort of private APIs to link their systems and exchange information between various software programs. Also known as internal APIs, these APIs are not shared or used outside of the company and are fully controlled by the organization. Most financial institutions would have some sort of private APIs connected to their banking system, for example, to produce data for downstream processes or to connect to other key applications.
Partner APIs (like those on Celero Xchange) allow businesses to expose their APIs to one another for strategic purposes and create new product offerings, add services or introduce enhanced features. There are usually set terms of agreement that dictate how partner technologies will integrate together, with access to APIs limited to specific external partners and developers. For example, we work with fintech providers that allow credit unions to quickly rollout new loan and account origination solutions, automated vehicle loan processes and more.
Public (or “open”) APIs are widely available to anyone on the internet. Some are free to use and some have costs to access them, but public APIs are generally regarded as a significant source of innovation for third-party developers who want to add new functionalities to an application without having to build it themselves.
Financial institutions need to ensure that APIs are secured and governed, because of the sensitive personal data that they likely would be providing. Some financial institutions choose to only expose APIs that don’t share account holder information, like branch details or product rate information. Open Banking will change this approach across the financial services landscape in Canada by providing a common API standard for all participants in the financial services sector to securely share data, with built-in agreements on liability and data ownership.
Composite APIs are used for complex businesses processes, where multiple APIs can be combined to create efficiencies in the request and response processes. For example, if a business needed to complete a task that requires pulling data from multiple sources, composite APIs can be used to complete that function and deliver information back through a single response instead of separate responses from each source. This is where teams with expertise in the data and integration domain can provide additional value by automating complex workflows. More importantly, data sets can be combined together in a way that provides new data, which is then more valuable than the siloed data that existed before.
SOAP vs. REST APIs
Simple object access protocol (SOAP) APIs are usually found in legacy applications, as they pre-date the adoption of the Representational state transfer (REST) architectural style.
SOAP APIs are typically more verbose, which was useful when you didn’t have another mechanism to move larger data sets. However, in today’s environments, developers expect to have RESTful implementations, and are increasingly unfamiliar with consuming SOAP APIs. From a sustainable software engineering point of view, developers should be finding ways to optimize the amount of data being used and ensuring APIs are “fit for purpose” — delivering only the data that is needed. This is also quite useful to ensure that systems are as performant as possible, especially for low-latency capabilities like real time payments.
Common Uses for APIs in Banking
There are countless ways APIs are used in banking today, but there are several interesting examples of everyday tasks that are facilitated through APIs that you may not realize.
CRM and Core Banking Integration
APIs can be used to create a two-way link between your Customer Relationship Management (CRM) system and core banking system, allowing edits and changes that are made in the CRM to be reflected in the banking system (and vice-versa).
Without APIs, any link between systems would be read-only, meaning changes to data would have to be manually updated in both systems — duplicating work and creating opportunities to make errors in data entry. APIs streamline this process and help maintain the accuracy of information across systems.
Risk and Fraud Management
Risk management and fraud management are a core area of focus for financial institutions. Fraud mitigation systems provide more value when they have access to more data. They also provide value by ensuring that data is presented in an actionable way, either to employees within a financial institution for evaluation and decision-making, or directly to account holders.
The ability to receive a real-time alert on your phone to validate that it is indeed you making a transaction while you are completing it can be facilitated through combinations of APIs, including APIs that send a notification to the phone. APIs from various source systems including core banking, digital banking, and digital wallet, can potentially include geolocation information from the API of your phone’s operating system as well.
MX and Personalization
APIs are key to delivering the real-time personalized experiences that customers now expect and find value in. For example, you may have a large amount of historical transaction data about your members’ financial accounts. By looking at past behaviours and comparing them upcoming events (such as bill payments), credit unions can begin to leverage that data to make predictions about a member’s spending habits.
If source systems of record for transactional data don’t archive that information, the benefit of referencing it for modelling can be lost. APIs that can transfer large amounts of data to an archival system where it is more cost effective, easy to access and efficient to store can leverage APIs for other uses and derive more value from them.
Developing an API Strategy
With APIs now occupying a majority of web traffic, the API economy continues to grow. The need for financial institutions to develop an API strategy is rapidly becoming one of the most pressing needs for digital transformation initiatives.
In fact, according to a 2020 McKinsey survey on APIs in banking, several interesting stats emerged from global leaders:
- Approximately 75 percent of banking APIs are used for internal purposes, with institutions who participated in the survey identifying that they plan to double the number of internal APIs by 2025.
- Almost 20 percent of banking APIs are used externally to support integration with business partners, with banks planning to double external APIs by 2025.
- 5 percent of banking APIs are used externally to generate revenue. Banks plan to triple the number of these “public APIs” by 2025.
Evaluating your plans for future API and technology integration needs today is essential, especially with open banking on the horizon in Canada. Credit unions can look to the future and evaluate their member needs to determine what APIs can support your business going forward.