- What is an open banking API?
- Impact of open banking APIs on the user experience
- How does open banking API work?
- Functionalities of banking APIs
- Benefits of open banking
- Open banking APIs trends
- Challenges for open banking APIs
- Open banking regulations
- Banks using open banking API platforms
- Security risks associated with open banking APIs
- Top 16 open banking API examples
Today the whole world is moving towards open banking. It promotes interaction between participants in the financial market and other industries. Every day more banks, insurance companies, startups, and Fintech firms are developing new applications and digital solutions to follow the digital transformation.
On the one hand, this increases competition, but on the other hand, the more services, the more the attention and trust of customers are eroded. To take the next step in development, players need to join forces in creating common interfaces and establishing the exchange of customer and technology data.
A single system is easier to manage and secure, and the exchange of the latest developments will raise the overall level of technology while maintaining the competitive advantages of each participant. In such an ecosystem, it is easier to create innovative products and services, and not only companies but also end consumers will benefit from the introduction of open banking.
A key role in open banking is played by open APIs (aplication programming interfaces). Actually, this is what we will talk about today.
In this article:
What is an open banking API?
Open banking is a concept that you can use to create your ecosystem. Banks open data sharing and their services to third-party providers (TPP) companies in such an ecosystem. Those, in turn, can use the data to analyze and distribute products. This is achieved through application programming interfaces (APIs), which allow TPP programs to interact with bank applications. The goal is to drive innovation in digital banking and accelerate the development of new financial applications and improved services for businesses and consumers.
Open banking was initiated in 2018 by the UK Competition and Markets Authority (CMA), which directed banks to open their applications to TPP. In the same year, the European Union updated the payment services directive (PSD2) for the same purpose and introduced new security rules for accessing payment accounts and financial transactions. Whereas banks in Europe are required to disclose their information to anyone who is accredited by the regulator, the US has chosen a different path. American bankers decide for themselves who to provide data, to whom to issue accreditation, and what requirements to set. However, big changes are coming in the American banking sector. The US Treasury is launching the process of transition to the European model.
A typical use of the open banking API is to aggregate data from various bank accounts into a single view provided by the TPP application. There are two types of TPP. Payment initiation service providers (PISPs) connect to a customer's account and initiate payments on behalf of the customer. Account information service providers (AISPs) connect to a customer's bank account to provide a financial service such as money management.
Impact of open banking APIs on the user experience
As of today, the impact of open banking on existing business models and infrastructure remains one of the main topics that deprive bankers and representatives of large financial technology companies of sleep. Where the new legislation was initially perceived as a threat by the banking community, it now appears to be a source of a number of clear opportunities.
As banks and third-party developers dive into developing new service offerings, the question is, who else could benefit from open banking?
Suppose you look at the services that third-party vendors initially brought to market. In that case, it's easy to see that they were mostly about aggregating customer data in personal finance management and introducing alternative payment methods for goods and services at online merchants.
On the other hand, when paying for goods in regular stores, transfers from one account to another can also be used. In Europe, for example, instant payments are becoming more widespread. Under these conditions, merchants will be able to offer customers their alternative payment methods, bypassing the existing card payment infrastructure.
Although the change is small from the point of view of the end customer (he will pay for goods in much the same way as he would with debit cards), merchants will benefit from the fact that funds will be credited to their accounts instantly. Instant receipt of money is a definite advantage. Still, an even greater advantage for merchants is that they will be able to receive funds into their accounts not only during bank business hours. Because the innovative payment services offer to bypass the networks of existing card payment systems, retailers have the opportunity to reduce their costs in a short time.
But we should not forget about the long-term benefits of open banking. By combining instant payments, open banking, and existing loyalty programs, retailers are uniquely positioned to gain insight into consumer behavior and use that insight to develop value-added banking experiences that offer faster, more secure, and more convenient payment methods. Several solutions on the market allow customers to scan the items displayed in the store using a mobile phone camera and pay for them from the same mobile application without standing in line at the checkout. Sellers' better understanding of customer behavior opens up opportunities for them to fine-tune their offerings and increase customer loyalty.
On the topic
The Impact Of Fintech On The Future Of Banks And Financial Services
Find out how banking landscape will be reshaped by emerging technologiesRead now
How does open banking API work?
Open banking provides new opportunities for all participants in the financial technology (Fintech) market — from banks to users of services and services of banking and financial organizations.
Banking organizations that join the open banking initiative open up APIs to a range of service providers and, in return, gain access to other APIs in the banking industry, expanding their digital capabilities. After the implementation of open banking, banks can cooperate, providing customers with a service for viewing account data not only in the current bank but also in partner APIs.
In addition, banks that have joined this initiative can evaluate clients' financial "behavior" based not only on their data but also on information that they received from partners.
In general, open banking is the way to the technological progress of services, which in the modern world allows for active development. The concept was conceived as a tool for the interaction of banks — not in one country but around the world, as well as a tool for integrating new technologies in the Fintech industry. This idea was implemented, so now the project continues to develop actively.
A number of new tools are being opened for users of digital services. The most significant of them is the ability to use a single application to customers control all your accounts in different banks. Prior to this, to complete a new transaction or view the balance in different banks, you had to use different banking applications. Open banking allows you to perform all these operations in one interface.
In addition, such a global service is an excellent tool for controlling expenses and income since it collects information from different banks and not from one. The program can analyze this information, structure it, help make cost optimization decisions, obtain better loans, etc.
These tips include investments — the application "prompts" the user, based on information about the income received in the current month, how much he can invest.
These possibilities can only be realized if the user consents to use their data. And there can be difficulties with this — after all, not all bank customers agree to be ''open.''
Lastly, as mentioned above, open banking is regulated by the Payment Services Directive, which requires banks to comply with legal regulations regarding personal data. Only the client of the bank, and no one else, has the right to control their data. How well this requirement is met is another matter. What does personal accurate data control mean? For example, a client of one bank has the right to transfer their entire credit and transaction history to another bank if necessary. In a normal situation, the bank does not give access to other financial and banking organizations to this information, so if a person changes the bank, their financial transaction history (not to be confused with credit history) is reset.
To summarize, participants in the open banking ecosystem can offer customers more profitable services compared to traditional banking organizations. At the same time, services are also personalized, which simplifies and improves the interaction between users, traditional banks, and banking institution in general.
Dive deeply into the pros and cons of mobile banking to boost your business
Functionalities of banking APIs
In banking, there are many different services provided through APIs, such as KYC/AML and customer onboarding, identity verification, payments, currency exchange, card issuance, virtual IBANs, transactional SMS, and others.
Some APIs also help online merchants expand the list of payment methods on their websites and pay for goods and services directly from their e-wallet accounts. To receive and process payments, merchants first need to open an account with a PSP (payment service provider).
Benefits of open banking
Since one of the long-term results of open banking will be increased competition, incumbent banks have been reluctant to accept it. They have historically competed with Fintech companies to provide better financial services to their clients. But open banking actually provides banks with an opportunity to explore new business models where they collaborate and partner with emerging Fintech companies and other banks instead of trying to compete with them. And customers benefit in the long run, as open banking strategies give them more control over their transactional data.
This is a win-win situation for both banking customer experience and financial institutions. The client gets better access and control over their accounts and finances and can also take advantage of new features and services. Open APIs in banking enable financial institutions to offer improved services to their customers and participate in the revenue-sharing ecosystem. According to an Insider Intelligence article titled How Open Banking and Banking APIs are Boosting Fintech Growth, the research firm "projects the potential for UK revenue streams generated by open banking-enabled SMBs and retail customers to reach $2 billion by 2024."
Banks, therefore, their customers, can be big winners by using the open bank's API to open their applications to Fintech. Some advantages of APIs:
1. Faster innovation
Fintech can generally innovate and develop new applications and functionality faster than the IT teams of incumbent banks. APIs represent a great opportunity for digital banks as they allow them to rapidly adopt new features and banking products by connecting to ready-to-use solutions. Ultimately, this contributes to the overall growth of financial companies and improves the quality and variety of services available on the platform. Connecting various services through the API means you can create your solution in no time, which will work with tools and functions through the API.
2. Detailed information about clients
Fintech companies can connect to bank customer data to gain insights into customer financial trends and patterns. APIs allow banks and FinTech companies to provide a more positive customer experience or improve customer service quality. Through the API, you can connect innovative solutions that are designed to speed up many processes or make them more efficient.
3. Personalized offers
By leveraging financial trends and customer behavior patterns, Fintech can increase customer engagement by offering personalized services and recommendations. Ultimately, APIs may have an impact on the future of banking. They will connect banks, financial institutions, service providers, and consumers and help you use financial information safely and conveniently. This will increase the range of financial products and services that financial institutions can offer to a potentially wider customer base.
Open banking APIs trends
Evolving regulatory landscape
The EU spearheads open banking maturity with forward-thinking frameworks like PSD3, influencing global markets such as the US, China, India, and Australia. Proprietary payment networks emerge as vital solutions, bridging compliance and implementation challenges across diverse regions.
Digital wallet integration and A2A payments surge
A surge in account-to-account (A2A) payments, powered by open banking, is facilitated through seamless digital wallet integrations like Apple Pay and Google Pay. Anticipating widespread adoption, 75% of payment service providers plan to implement instant A2A payments within the next two years, marking a pivotal shift in transaction dynamics.
AI Integration that amplifies user experience
Open banking ventures into 2024 with a focus on integrating AI technologies to elevate customer-facing systems. Leveraging real spending patterns, third-party access to transaction data allows for personalized services, offering tailored product recommendations and enhancing users' financial well-being.
Transformational role of Banking as a Service (BaaS)
The expansion of Banking-as-a-Service (BaaS) reshapes the financial services value chain through open financial APIs, facilitating seamless customer data sharing and the introduction of innovative services. Consumer behavior reflects this shift, with 42% exploring solutions like BNPL, underscoring BaaS's influence on evolving financial service preferences.
Empowering consumers with variable recurring payments (VRP)
The UK pioneers Variable Recurring Payments (VRP), granting consumers greater control over subscriptions and payment limits. As a mature market, the UK's adoption of VRPs in 2024 is poised to set a trend, influencing similar initiatives in Europe and beyond, and placing users in command of ongoing payment parameters.
Enhancing security in open banking
In response to escalating global financial fraud, open banking emerges as a timely solution, employing instant account-to-account payments to minimize risks. Enhanced by zero-trust security, robust network protocols, and AI-assisted anti-money laundering measures, open banking, particularly with the impending PSD3 improvements, reinforces cybersecurity and safeguards against fraudulent activities.
Challenges for open banking APIs
Open bank API faces several technical challenges that revolve around the secure exchange of customer financial data. The two primary categories of open banking operators, AISPs and PISPs, involve sharing information over APIs, raising concerns about reliable functionality and contingency mechanisms. To ensure robustness, the open banking API platform needs the ability to reroute requests in case of temporary API unavailability and must prioritize security by design, incorporating frequent automated checks to prevent fraud.
Integration and open banking API standards pose significant hurdles, requiring developers to navigate the absence of a common framework for identity management and governance. Scalability considerations demand careful architecture using DevOps workflows, Docker containers, cloud computing, and microservices to handle simultaneous API requests efficiently.
Compliance with regulations like GDPR (General Data Protection Regulation), PSD2, and Open Banking is crucial for sensitive data security and privacy. The challenge extends to integration with multiple regulations worldwide, adding complexity for developers.
The challenges extend beyond the technical realm to organizational aspects, including a necessary cultural shift within financial industry. Open banking APIs require a shift from traditional risk-averse mindsets to embracing new revenue opportunities and innovative solutions. Organizational restructuring is essential to address granular access control, risk mitigation, and workflow adjustments.
In terms of risk management, the focus is on deploying robust cybersecurity measures and fraud prevention systems to safeguard open API access endpoints. Banks must establish a clear governance structure for transparent interaction with third parties and regulatory compliance.
Open banking introduces new business models and revenue streams, necessitating a shift in the talent and skills required within the banking industry. Attracting tech-savvy individuals and fostering a collaborative environment with Fintech service providers becomes imperative.
Cultural challenges involve changing the executive mindset to view customer data as a means to enhance customer experience rather than a guarded asset. Resistance to change within the traditional banking culture can hinder the adoption of open banking APIs practices. Collaboration and trust-building efforts are vital among banks, third-party companies, and customers, with strong customer authentication playing a central role.
To overcome these challenges, the industry needs a customer-centric approach, recognizing that customers control their data and should provide consent for its use in various Fintech services. Establishing transparency in data ownership, control, privacy, and security is paramount, requiring the implementation of robust frameworks and cybersecurity measures.
Open banking regulations
Banks are being encouraged and, in some cases, mandated by financial regulators to provide Fintech companies with access to customer banking data and the ability to conduct transactions. The main motive of regulators is to increase the availability of financial services for consumers through the development of competition and the weakening of the role of banks in the payment services market.
The legal framework for open banking is limited by the European Directive on Digital Payment Services PSD2, which came into force in 2018. It is this law that regulates access to payment processing by third parties with the prior consent of the client.
Like all good financial technologies, open banking is very secure. It is implemented by banks; therefore, it is subject to strict control measures. Open Banking is the result of PSD2, but they are not the same.
In Europe, Open Banking is promoted by the European Commission, which aims to increase services, provide choice, and stimulate competition & innovation in the market.
In order to meet regulatory requirements, institutions need to be familiar with PSD2 itself, the technical open banking API standards and guidelines published by the European Banking Authority (EBA), as well as API technical concepts and certifications. All processes are strictly controlled by the bank, including banking data authentication and partner authorization.
In the US, as we described above, the regulatory framework for open banking is moving towards Europe.
Article by our CTO
Banking regulations are one of the most complicated topics in Finetch. Why not discover it?
Banks using open banking APIs platforms
Some of the most well-known large banks and financial institutions, lenders, and Fintech startups are already using the Open Banking API to provide improved financial products and services in the financial services industry. Here are some examples:
O2 Banking by Telefonica Deutschland
Telefonica Deutschland has launched a mobile-only bank account that offers transactions via the mobile phone number, small instant credits, and the best mobile data plans built on the platform of the German bank Fidor.
Integrate customer financial information into Wave
Wave billing and accounting software that uses banking APIs to connect to a user's bank account, giving their customers complete control over their business finances in one place.
PayPal – Siri integration
One good example is managing the PayPal service using the Siri voice assistant. Users of the service can now send and request monetary transactions with a simple voice command, "Hey Siri, send David $1,000 via PayPal."
Payments via Meta (Facebook) Messenger
Since Meta is one of the companies that dictates trends in the technology industry, they have also implemented the open banking API into their platform. Now Meta (Facebook) users can transfer money to their friends and pay for goods without leaving the application. The company cooperates with such big financial players as Stripe, PayPal, Braintree, Visa, MasterCard, and American Express.
Security risks associated with open banking APIs
Opening banking applications for TPPs comes with risks that need to be considered. Fraud prevention should be a top priority for all parties. Frederik Mennes, head of OneSpan's Security Competence Center, categorizes these risks into three types.
- First, financial institutions open up their systems and share financial data with TPPs. Therefore, the financial institution is obliged to make sure that it works only with reliable thermal power plants. They cannot allow malicious or unauthorized TPP to access their data.
- Secondly, users of applications provided by TPPs must be properly authenticated to prevent unauthorized access when they access a financial account. This may require additional authentication, such as Strong Client Authentication (SCA).
- Thirdly, the IT infrastructure of the bank essentially now contains the IT infrastructure of the TPP. Thus, if data is leaked or otherwise compromised at the TPP, the bank may also suffer.
The first risk, described above, is associated with attempts by unauthorized TPPs to gain access to bank accounts. To protect against unauthorized access of this kind, banks may require TPPs to sign all requests digitally. TPPs must have a public/private key pair with an appropriate certificate issued by a trusted CA. This will allow the TPP to authenticate itself when communicating through open banking interfaces.
To mitigate the risk of unauthorized users accessing bank accounts, banks must use strong customer authentication and transaction monitoring in accordance with PSD2 requirements. Among other specifications, PSD2 mandates transaction authentication, where the level of authentication required to process a request depends on the level of risk of the requested transaction. For example, after logging into an open banking system, a customer's request for checking accounts balance may be processed without problems. Still, a request to transfer funds may require the user to use strong authentication.
PSD2 and related Technical Regulatory Standards (RTS) require fraud monitoring and Strong Customer Authentication (SCA) for most online payments, including those made through the open banking API. The SCA must apply to access payment account information and each payment initiation, including transactions through Open banking, unless an exception applies under the RTS. Exceptions are not mandatory, but banks can take advantage of them if they decide to do so.
In the context of open banking strategy fraud analytics programs, solutions such as OneSpan Risk Analytics support monitoring of events coming from TPPs running one or more open banking services through the open banking APIs published by the bank. OneSpan Risk Analytics provides pre-built rule scripts covering PSD2 fraud monitoring requirements, business logic, and typical fraud scenarios. These rules support new digital channels for banks, including open banking.
The open APIs required by PSD2 will lead to new, innovative banking services and applications. However, at the same time, banks must prevent criminals from accessing customer data and transactions. Therefore, banks and TPPs must be aware of the risks and offer sufficient protection. Learn more in this blog: PSD2 open banking APIs: How to Mitigate Risks.
Thank you for Subscription!
Top 16 open banking API examples
1. Moneyhub Open Finance
Moneyhub is an open finance platform that includes connectivity to thousands of financial institutions, machine-learning-powered finance analytics, engagement insights, and payments. The Moneyhub Open Finance API includes methods to manage accounts, beneficiaries, counterparties, transactions, spending analysis, savings goals, projects, tax, connections, payees, payments, users, etc.
Dapi is a unified API in open banking that allows developers to retrieve data on users' financial information and make payments within applications. Methods are available to obtain financial data about user identity, accounts, account balance, account transactions, and account metadata. Also, to perform financial operations such as payments on a user's behalf. Developers must register and conduct application creation in the Dapi dashboard.
3. Banno Consumer
Banno is a personal digital banking suite from Jack Henry & Associates, a banking technology API provider. Bannon offers all open banking solutions and an API with methods to manage account aggregation, accounts, institutions, OAuth and OpenID, tasks, transactions, etc.
ClickSWITCH enables easy direct bank deposit switching, in which users can choose which financial institution to deposit their payments or switch to another choice. The ClickSWITCH API offers programmatic access to the service, with methods for managing employees, types, customers, targets, switches, webhooks, and more.
5. Bank of America Push Notifications
The Bank of America Push Notifications API describes the expectation for push notification authentication, provides status updates for payment requests, notifies when a real-time payment is received, provides acknowledgment by a receiver (ABR), and notifies when a US real-time payment request for information (RFI) is received. Bank of America makes APIs available on the Bank of America Merrill Lynch CashPro API Developer Portal.
Tilisy is one of Open Banking API examples that provides an easy, secure way to download financial data. The Tilisy business API enables developers to get bank account transactions and account balances from all major banks. There are methods for user actions, accounts data, ASPSP country codes, etc.
7. Treasury Prime
Treasury Prime provides financial services tools for Fintech and banks, including pre-built integrations with Marqeta, Alloy, Middledesk, and developer-first APIs. The Treasury Prime API offers ways to automate customer needs, with methods to manage accounts, onboarding, card issuing, payments, counterparties, utilities, and more.
Brex is a financial technology services company with an open API to simplify financial information management for the company's partners. The Brex API enables developers' programmatic access to manage onboarding, team, payments, transactions, accounting, etc.
Solid (Solid Financial Technologies) is a financial technology platform that allows developers to create personal accounts, send payments, and issue cards. The Solid API offers methods to manage account creation, spending controls on physical and virtual cards, receiving and sending payments, plus KYC, KYB, owner, bank accounts, contacts, transactions, and more.
WorldFirst is an API for international payment integration. The API is useful for international businesses for funds-in and payments-out, for marketplace sellers to get better exchange rates, and for receiving funds in foreign currencies. API methods are available to manage rates, deals, quotes and books, recipients, payments, currency accounts, and lookups.
The Bud API enables you with the ability to manage financial tools that gain programmatic access to services for; Open Banking Aggregation, Enrichment, Insights, Affordability, Recognition, and more. It allows you to build features, applications, and digital banking experiences with endpoints that follow RESTful principles that use HTTP verbs such as; GET, POST, PUT, PATCH, and DELETE.
12. Modern Treasury
The Modern Treasury API enables ACH, wire, check, and RTP transactions in applications. Requests and responses are JSON formatted. The API can be used to manage payment orders, line items, counterparties, personal accounts, routing details, and addresses. Modern Treasury does not touch money directly; the API hooks into their clients' bank accounts, enabling them to move money and read activity.
Founded in 2013, the Fintech company offers APIs designed to connect third-party financial applications to banking services. Consumers use these integrations to plan their spending, manage their savings, and control their investments. In particular, Plaid powers the budget planning apps Mint and Acorns and the money transfer app Venmo. Plaid has over 200 million active accounts. One in four bank account holders has used Plaid at least once to link their account to an account at 11,000 financial institutions.
By the way
Discover a complete Fintech guide written by Geniusee — official Plaid partner
The OpenPayd API lets you develop custom solutions to manage your organization's payments. It offers an integration with the functionality needed for a modern finance department to manage the entire cash flow from collection to payout. OpenPayd provides a way to expand into international markets by connecting to the OpenPayd banking and payments infrastructure to scale payment flows, simplify treasury, process payments in real time, and reduce costs.
15. FinTecSystems XS2A
FinTecSystems is licensed by BaFin as a payment initiation and account information service. XS2A API is specialized in open banking and data analysis. It allows the access of accounts within a user's scope and offers AI-based turnover categorization among many other PIS and AIS services.
16. Wise Platform
Wise offers International banking services, including online money transfers. The Wise Platform API enables developers to integrate the service and manage payouts and account information, banks, affiliates, receive money, and open banking. Methods are available to manage users, transfers, comparisons, addresses, borderless accounts, etc.
Open banking is still fairly new to the banking industry. But financial institutions are already talking about taking the next step — Open Finance. Open Banking initiatives apply primarily to payment accounts. Now it's time to apply this concept to all accounts so that consumers can get a holistic view of their personal finances and financial data. There is no reason why the new services, technologies, and benefits of Open Banking cannot be applied to other financial accounts such as mortgages, investments, pensions, and insurance.
And Geniusee banking software development services can help you with that!