Exploring the Evolution of Banks to IT Companies Offering Financial Services: SOAP to REST

Many banks globally remain stuck in the past when it comes to customer service, either providing it in physical branches or through web and mobile channels. Despite international bank ratings still generally concentrating on traditional banking services and performance, new fintech trends are often left out. I'm currently in the process of developing an internet bank at Alfa-Bank. Before that, I set up a B2B ecosystem at Sber. Before I got into the banking sector, I worked at VK (formerly Mail.ru Group) and Yandex, where I created and launched Yandex Disk. Recently, I have set up my own Telegram channel, where I discuss topics that interest me, such as fintech, management, and the ongoing conflict between being a hedonist and an eater. So, go ahead and subscribe! Meanwhile, more sophisticated banking institutions are designing new ways of interacting with their customers: instead of only providing financial services, they are now also offering to rent out their financial infrastructure, similar to the way Amazon did. Amazon had a vast amount of knowledge and experience when it came to things like cloud computing and storage for their online retail business. This prompted them to monetize said knowledge by supplying it as a service. Thus, they formed the basis of Infrastructure as a Service (IaaS), which is where they provide hardware and software to other organizations. This presents a situation where both Amazon and the mass b2b consumer benefit from the model. Amazon gains by taking advantage of unused hardware, and the consumer gains by obtaining a ready-made service in the desired amount instead of investing in creating their own system. Going as far back as 1987, banks had already begun tentative attempts to make their infrastructure available. This was when the first standard for electronic payment processing (ISO 8583) was published. Subsequently, with the emergence of ERP (Enterprise Resource Planning) systems, in particular those supplied by SAP, banks started to enthusiastically link their back-infrastructure to the customer's front-end solutions, thereby allowing an interface with the bank from corporate accounting systems. The banking service channel chosen to achieve this integration was the newly-created API. In the early 2000s, e-commerce and SaaS products were just starting to make their presence felt. There were no online stores where you could pay for products, nor were there websites where you could book trips. Uploading data to an accounting service had to be done manually, as there was little to no interconnectivity between banking products and external services. However, the emergence of Fintech and Ecom created a surge in the creation of banking APIs. Banks discovered they were capable of offering, or selling, items in addition to the standard outlets (workplace, web, mobile, contact center), integrating not only with corporate entities, but also with internet services, SaaS and electronic commerce systems. During the 2017–2018 period, foreign banks, such as BBVA, Citi, and DBS, along with our own, unveiled APIs that offer a user experience within a SaaS/Ecom structure, allowing for a smooth integration with the banking system that we, the users, may not even be aware of. I frequently refer to Klarna as an illustration. This startup has transformed into a bank and linked up 400,000 online vendors. 150 million buyers can access credit from Klarna without exiting their e-commerce websites. This Swedish bank provides a set of credit payment mechanisms which have, as evident from statistics, greatly improved sales - the average check grew by 41%, conversion rate on the checkout page by 30%, and 40% of new customers were drawn by the Klarna payment methods. For a merchant, this partnership is incredibly lucrative, as the financial service provider undertakes all credit related work. A typical shop would not be able to properly assess customers and spend money developing payment forms for diverse digital channels. For buyers, all they need to do is click on an extra payment method button when making their purchase. Merchant offers jeans, books, and tech, and Klarna covers the credit risk and transfers money for the items purchased. All is done through APIs, however, unlike the 2000s, web/mobile UI interaction is powered by the host-2-host API, factoring in the context of the user experience. Russian banks have seen tremendous growth in both financial and non-financial services as external actors join in. Together they have devised niche offerings (My Business, MoiSklad) to support businesses and be integrated into major marketplaces (Wildberries, Ozon). This expansion would not have been a reality without the bank's restructuring of their integration infrastructure. This change made integrating, which used to take months and require experts from both the bank and the partner company, much faster and easier. Taking into account the current trend of ultra-simplicity, Alfa API was designed with the modern technology stack in consideration, to provide users with the same level of convenience that Google, Yandex and other bigtech providers offer. As an example, we opted to use OAuth 2.0 + OIDC to safely exchange authorization information and create a single sign-on process with our partners. We also chose to conform to industry standards (RFC 6749, RFC 6750, RFC 7519) rather than altering them, a decision which other industry members have gone astray from for some unknown purpose. To start, the renowned professionals of the information security world crafted these regulations. If traditional methods are altered, it could lead to possible risks for banks. Furthermore, it is convenient and relatively simple to blend it in. Plus, customer trust and clarity are also important factors. Given that shielding confidential facts is a primary worry in fintech, all these concerns must be taken into consideration. Industry standards can drastically simplify the tasks of analysts, developers, testers, and security professionals. Pre-made patterns provide a means to easily find a RFC implementation for one's development environment on GitHub and integrate it within two hours. Additionally, pre-made auto-tests, common cybersecurity audits, and pre-existing pentest results can be implemented. Integrating with our platform is similar to the process of integrating with APIs from Google and Yandex. Swagger is the key tool for designing and documenting RESTful web services, giving you the ability to produce APIs with detailed documentation and view/test them through the Swagger UI without having to create a test application. We constructed a testing cycle (sandbox) with production-equivalent data so a partner can trial integrations in a safeguarded atmosphere. We're advocates of widening API use among the public, so we made our specs accessible to all. We moved away from SOAP architecture to adopt a REST API. Despite SOAP being a well-established standard for banking APIs, it is less adaptable. A REST API is more suitable for current web development as it is easier to understand and allows flexibility by using the common HTTP methods in combination with different data formats (not just XML, as SOAP). In short, it is very straightforward. However, by integrating web/mobile UI components, we are now able to interact with the end user. We've achieved a major breakthrough in the application of the banking API. As well as enabling communications between hosts, we have connected web/mobile user interface elements. Usually, a banking API will only facilitate host-to-host interaction, allowing ERP integration but preventing bank-end user contact. By linking up web/mobile user screen components though, we are now able to engage the end user. We augmented this model with web/mobile UI experiences, inviting the user to partake. For instance, we can give a convenient online loan option: the customer receives the funds via the partner's platform, and the bank is responsible for managing and performing the financial transactions. Incorporating onboarding into the API platform is, of course, already built-in. After troubleshooting certain obstructions concerning the signing of legal papers (such as OpenAPI, which isn't actually that open) and granting network access, the average amount of time to complete the integration process is two weeks. Although there have been cases of full integration in a single day, those are rather exceptions. With the advent of Bigtech approaches for building APIs and their strict compliance with industry standards, the barrier to entry has been lowered for junior and middle developers. Even senior specialists previously experienced immense difficulty in trying to implement advanced security measures; these endeavours often taking months or even years and with no guarantee of success. Such obstacles meant that many gave up on the thought of integrating with banks. Thankfully, this is no longer the case, and the world has changed for the better. The dramatic evolution of banking APIs is spurring innovative development, creating new business models and user experiences. One example of this that I find intriguing is Yandex Split. With this, customers can buy something on the installment plan without having to comprehend the financial complexities which go on behind the scenes. All of this is made possible by Yandex Market and the bank that is managing the credit process. A further illustration. Firms that are clients of Alfa-Bank can utilize Alfa ID to verify an account on SuperJob. It only takes a couple of clicks to reach the status “Furthermore Verified”, showing that the bank's personnel have information about this person and the account is genuine. Leveraging authentication, SuperJob is able to avoid the costs of producing compliance protocols and earn the confidence of job applicants. This will lead to an increase in the number of responses. API integration benefits all parties involved -- the bank, partner, and end user -- resulting in a mutually advantageous situation. Banks are projected to introduce new financial services via the API channel, SaaS and Ecom are predicted to be highly active in their integration efforts, and users will appreciate an effortless experience. If you are enthusiastic concerning integrations, investigate the norms of BigTech today. I post articles about banking tech advancements on my new Telegram channel. Here, I will cover topics such as fintech, management, Web3-infrastructure, experiences, errors, and a bit of lifestyles.

Source: https://medium.com/@0xParshikov/how-banks-become-it-companies-with-financial-services-the-path-from-soap-to-rest-c651201395fd?source=rss------fintech-5