A Service Provider’s Guide to Open Banking
Hello from Yapily 👋
By now, even people just remotely interested in financial services technology must have come across numerous news posts, social media hashtags (#openbanking #fintech #psd2) to very thought provoking but jargon-filled white papers about Open Banking & Payment Services Directive 2 (“PSD2"), and the magnitude of disruption to the banking ecosystem as we know it. All sounds well and great, but most articles focus on What and When of Open Banking and idealistic changes.
However, we at Yapily are a curious bunch! 🤓 We are passionate problem solvers and focus on How and Why of the Open Banking. We believe
“Simplicity is the ultimate sophistication”
and we are here to answer some of those nagging questions in simple words. So without much adieu, let us get started with Open Banking basics and what we do with simple questions and answers!
So, What is Open Banking? English, please.
Open Banking is an initiative led by the UK Competition and Market Authority to push the 9 UK biggest banks to comply with the UK implementation of the Payment Service Directive 2. The directive is a consumer-focused regulatory change designed to open up competition in the European retail banking space (not just the UK!). Basically to make financial services better📈 and cheaper💸 for everyone. It will benefit everyone with a bank account (like me and you, who use bank accounts on a daily basis and small business owners who have current accounts with banks). The regulators in each of the 🇪🇺 European countries are asked to make banks work harder for people. Nowadays how, however, term Open Banking is used globally to refer to Open API in the banking space and this creates a bit of confusion…
What do you mean by “making Banks work harder for people”?
By that we mean, banks 🏦 are asked to open up their channels to other players (who are called Third Party Providers — TPPs) and share customers data when requested.
I mean, why should banks do that? Isn’t it bad for their business?
Because it is NOT banks data that is being requested, data rightfully belongs to the customer and they have rights to share it with other providers at their discretion, in a secure & easy way. 🔐
So, How can individual customers benefit from this open banking and bank data sharing?
The main benefit is that customers like you and me have more control over our bank data (not just one bank, but all our bank accounts!). We can now provide easy access to;
- 💰Our favourite app that does budgeting for us,
- ✔️Quickly verify our affordability for a mortgage with the lender, and
- 🔎 Verify our identity using bank accounts, and much much more!
Also, most importantly we now will know who has access to our data, what is the access level (only accounts/ only payments/ duration of access) and ability to easily allow/ deny access to our banks. Want to know more, visit www.openbanking.co.uk to see some of the regulated providers
All sounds great! Now, how do various financial providers access this data?
This is where regulators have oversight over these financial providers and there are few regulatory and security measures to respect. For the 9 biggest UK banks, once that is done, the providers will have to be recognised by Open Banking Implementation Entity (OBIE) in the UK 🇬🇧 as authorised TPPs.
Now, TPPs can get their users permission online and then banks and TPPs can share their users' data via secure digital communication channels called Application Programming Interfaces, in short — APIs. ⚙️
What is this API? I’m lost again! 🧐
Simplistically, APIs are the machine to machine communication channels to access users data present in banks by these TPPs. Just like we are now reading this post in English, Imagine “ Mr Bank” as a person talking to another person “ Mr Financial Service Providers” in English over a radio. Just think this radio as API! When it comes to APIs, there are a set of agreed protocols and methodologies to be followed to successfully to get the communication, think of it like military communications with the set of instructions for the repeated set of actions!
How to use the API technology to enable the benefits of open banking to end customers?
As mandated by the regulators, Banks needs to provide their own set of APIs to access and modify users data 📒 like account profile information, balances, transactions and also initiate payments 💳 on their behalf. Before banks provide access to data, very rightly so, the user needs to provide permission🔏 from their choice of Third Party Providers which is called access & consent token when it comes to computer communications.
Very well, then what is the problem?
Each bank has a slightly different approach. For example, the way service provider signs up to them, to their users' authorisation flow to customer support and availability of banking systems to access this data. For this, service providers need to have the backend infrastructure setup and establish connectivity with each of the banks which would obviously take a lot of time, resources and money in setting up but also maintaining these connectivities. It is also worth noting that just in the UK, there are more than 300 banks and in Europe almost 5000!! 👀
Imagine setting up and maintaining connectivity with each of those banks to cater to your users.
That to me sounds like a scalability and maintainability problem! What have you built to make things easier and enable open banking for financial providers?
You are absolutely right!🎯 We have focused on lifting this heavyweight backend infrastructure work while innovative fintech service providers can focus on their users and making banking better for them. Over the past few months, we have closely studied and witnessed the maturity of the 🇪🇺European Open Banking ecosystem as an insider to build a robust connectivity ecosystem to connect to banks. What we have built is an easy to use plug & play solution 🔌
What do you mean by robust connectivity ecosystem and how does it help service providers?
We have built a single interface through which service providers can connect to banks via the API. Using our platform, service providers can easily create, configure and maintain all their bank connections. Instead of creating dedicated teams, spending upfront time and struggling to keep up with banks changes and downtime, service providers can easily integrate with us in few minutes and plug into all banks.🏦We enable companies to innovate and focus on their product, while we take care of the connectivity.
So do you cater to all service providers?
We focus on the regulated service provider and we ensure they are authorised to access users data or make payments. We would never sit between our clients and their customers.
After connecting, what can they do?
Once providers connect using our system, we have made it simple for service providers to manage their users' consent to access bank data from multiple banks.
After authorisation, service providers can receive data such as users accounts, account identity information, account transaction or make payments on their behalf.
How is the data received any different from bank data?
Our API receives real-time raw data aggregated from various banks and normalises the user data so that it is cleaned and ready-to-use in service providers application.
What about the security of customers data? 🔑
We put utmost importance on data security and especially when it comes to sensitive banking data. Hence, we don’t store/access user credentials and don’t store/access users data. Also when it comes to security, we have dedicated experts working on our infrastructure security and we are 🛡ISO 27001🛡 certified. We take data security very seriously!
Who is your user? 👤 & What is the product you have built?
We focus on making the work of our client development teams easier and productive.
At the core, we offer development teams of service providers, a single powerful and RESTful Yapily API to connect to bank APIs. To manage connectivity, we provide a very easy to use app dashboard which helps connect to sandboxes and live banks plus built-in simulator to mimic bank connectivity before launching to production. We also provide very useful toolkits with each catering to specific needs of the developer such as API collection, software development kits, code examples, API docs, swagger and more. Visit https://github.com/yapily for more info.
Brilliant! How can my development team access your platform and get started? 🛠️
To get started with any API, developers typically look at API docs. We suggest you do the same. Visit https://docs.yapily.com/#get-started and it takes less than 5 mins to start making API calls. ⏰
Lastly and more importantly, how many banks have you connected to? 🏦
Thought you’d never ask! We are currently connected to all the biggest banks and building societies in the UK🇬🇧 (Open Banking entities) which covers 90+% of the UK bank accounts. And, we offer connectivity to innovative challenger banks🚀 such as Revolut, Monzo, Starling and Tide. Together with UK banks, we have few international Bank APIs in our kitty — check out Nordea, BBVA, BNP, Hellenic & Deutsche Bank. In total, we have 35 banking entities connected, only via API!
We are very happy to have a chat with businesses looking to tap into Open Banking opportunity, learn about the needs and/or have a product demo. Feel free to reach out to us at 💬 firstname.lastname@example.org.
We are eager to hear from you! 💙