This year Interac Corporation announced our third-party API initiative. With this three-part series of posts, we’ll explain the importance of third-party APIs, why we think it’s important for us to offer them, and what this opportunity will mean for our developer community.
In a prior era of software development, a new technology was typically built from the ground up by a single provider and then guarded jealously from all rivals and new entrants. Services based on such siloes were often secure and reliable, but often limited in functionality, slow to change, and useful only to a defined set of users and their needs.
Today’s world could hardly be more different. Systems that are initially built for a single use case are often later re-defined as platforms, their core functionality offered to outside developers through application programming interfaces (APIs) with the expectation that those developers will discover new uses and new value propositions for the original technology. The modern “API economy” (as many now describe it) is all around us: summon an Uber to get you to work, for example, and your driver will be located and matched against your request through an API that connects Uber’s software to Google Maps. When Google first invested millions of dollars in the building of its Maps product, it likely didn’t envision the rise of Uber – but when it opened Maps to third party developers through its API, it knew that thousands of new uses would be found for its service. Uber happened to find one of them.
For understandable reasons, the financial services industry has been cautious about joining the API economy. To a financial institution, customer and client security is paramount, and giving an outside party access to a customer’s financial data – or, even more seriously, allowing them to move a customer’s money – was a proposition long seen as risky, if not outright irresponsible. The European Union, however, has moved to force a change in this mentality by issuing the Payment Services Directive 2 (PSD2). Once the directive goes into full effect in January 2018, European financial institutions will have to provide APIs that allow third-party providers (for example, mobile app developers) to access information about the accounts their customers have authorized them to see, and to initiate payments from a customer’s account to another individual or organization. To address the concerns of financial institutions, PSD2 has also been designed to mandate rigorous security protocols and the registration of third-party providers to minimize risk to customers.
What this means is that the formerly siloed and wholly proprietary systems that financial institutions have developed over decades are now being turned into platforms that very different services can access. A customer booking a vacation using a travel app, for example, will be able to pay for flights and hotels within the app and without needing to use a credit card, moving funds directly from their bank account to the airline’s and the hotel chain’s accounts. Similarly, an investor will be able to see – in real time – the cash available in each of their accounts through the investing app itself, and the same app may be able to use information about the investor’s financial habits to make better recommendations on investing strategies.
These are only the most obvious cases. As the success of the API economy in other industries has shown, opening up financial services through APIs will result in more innovation, new customer experiences and use cases, and even the inclusion of new categories of users – some of which are predictable, and many of which will surprise us.
Canada’s government has not yet decided to impose a similar directive on our country’s financial services industry, but we are strong believers in the merits of openness. In our next post we’ll tell you why we’ll soon be launching our third-party API offering.