For open banking to work, organizations must overcome a number of common integration challenges.
It’s one thing to talk about open banking, a practice that allows financial institutions to share data seamlessly to eliminate banking “silos” and deliver better customer experiences. It’s another thing carry out the data and application integration that make open banking work.
Indeed, developers who want to create open banking applications face a variety of barriers – some of which are purely technical and some of which have more to do with laws and politics. Let’s look at the challenges developers face when creating open banking applications, along with strategies to mitigate them.
Open banking is the use of public APIs to enable easy integration between various financial institutions’ data and services.
Since the open banking concept’s introduction several years ago, it has become a big deal because it promises to solve a long-standing problem in the banking industry: The almost total absence of integrations between different banks’ technical ecosystems. Historically, banks have tended to exist on their own islands, making it very difficult, if not totally impossible, for one bank to pull financial data from another bank, for example.
With open banking, developers can more easily create applications that leverage the data and services of multiple banks at once in order to deliver a smooth, seamless customer experience. Rather than forcing users to navigate between multiple banks’ apps in order to keep track of their finances or move money from one institution to another, open banking applications allow customers to do it all from a central location.
That, at least, is the theory. The trouble with open banking arises when developers sit down to build the applications and run into barriers like the following.
Banks can create public APIs to enable open banking. But that doesn’t guarantee the APIs will work reliably, especially across the various third-party applications and end-user configurations that they need to support.
This is one reason why the ability for developers to test third-party APIs is more important than ever. If you’re creating an open banking application, you need to be able to ensure that whichever APIs it relies on will remain available and high-performing for your users. Otherwise, you risk letting API performance problems undercut the seamless experience that open banking is supposed to deliver.
So far, there has been no effort to build any kind of universal identity management framework for open banking.
That’s a problem because it means that developers lack a reliable way of identifying and tracking users across open banking applications. Public APIs make it possible to pull data from banks, but they don’t provide a means of keeping track of which accounts belong to which customers in each bank, for example.
For now, there’s no simple solution on this front. Developers simply have to do the hard work of building their own identity management systems into open banking applications and integrating them with the APIs that banks offer.
SEE ALSO: Center for Automated Integration
Some jurisdictions have introduced compliance frameworks to govern open banking, like the E.U.’s PSD2 regulation and the British government’s Open Banking initiative. In other areas – including, currently, the United States – there is no government-led effort to standardize or regulate open banking.
This means that developers must contend with varying compliance rules when creating open banking applications. That’s not a technical problem as much as a political one. But it has technical implications because it means there are no universal technical standards that define exactly how open banking integrations should work or how they can be used.
It almost goes without saying that security risks remain a central challenge for effective open banking integrations. Protecting user data becomes harder when banks share that data with third-party applications that they can’t vet or control.
As with identity management, there is no simple solution for this challenge. Banks and developers must simply do the hard work of making open banking apps as secure as they can while also preparing to minimize the impact of the vulnerabilities that will inevitably arise.
Fintech entrepreneurs are talking excitedly about open banking, which does indeed have great promise. But to make open banking work in practice, developers must overcome the integration challenges that may make it difficult to share financial data seamlessly and securely.