October 27, 2016
Banking APIs constitute the core of innovative approach to building financial products. Enabling access to data for all relevant participants of the market creates an opportunity for each of them to build a superior offering as well as for consumers to make better choices of financial products.
As the Competition and Markets Authority states in the report on retail banking, APIs make life simpler for millions of us every day by enabling us to share information, for example, about our location. They are the hidden technological drivers behind digital applications such as Facebook, Google Maps and Uber.
A variety of banking APIs providers has expanded opportunities for entrepreneurs to build solutions for different segments of the financial services industry:
Payments gateways APIs providers (Braintree, Dwolla, Stripe, Wirecard, Adyen, etc.),
Trading APIs (Xignite, Zerodha, etc.),
Authentication/verification APIs (Yodlee, Trulioo, etc.),
Remittance APIs (Uphold, PayCommerce, etc.),
Data aggregation APIs (Kontomatik, Fidor, Figo, etc.)
Financial data aggregators are some of the most interesting elements of financial APIs ecosystem as they drive valuable insights on customers’ financial behavior and enable a data-driven approach to building financial products. Financial data aggregators also comprise the basis of a responsible approach to personal finance management and are in the foundation of consumer-empowering products.
Over the past several years, FinTech innovators have been enriching the banking APIs list with exquisite examples of advanced solutions aimed to empower financial institutions and customers. In fact, the concept of open API approach became one of the centerpieces of innovation in the financial services industry largely because of the companies we will be speaking of further.
Banking APIs are known to enable banking customers – through a single application – to manage accounts held with several providers. They also allow customers to authorize the movement of funds between current and deposit accounts to help avoid overdraft charges or to benefit from higher interest payments. They let customers make simple, safe and reliable price and service quality comparisons tailored to their own usage patterns.
For businesses/institutions, banking APIs allow to monitor a current account and forecast a customer’s cash flow. Using businesses’ transaction history, API providers allow a potential lender to reliably assess business’s creditworthiness and offer better lending deals than they would without this information.
Kontomatik offers a read-only API for financial institutions, enabling them to import personal data, account balances and full statements from any supported bank to their system. To do that, Kontomatik uses end-user bank credentials (a bank login and password). The solution ensures top-notch security as Kontomatik servers store very little data. Bank passwords are never stored and financial data is removed ASAP (financial data is removed from Kontomatik servers in a 24-hour moving window. API clients, however, can force data removal at any time). Kontomatik API requires 2FA based on an API key and IP whitelist.
Kontomatik supports all major banks in ten countries on three continents and is ready to develop APIs for other countries upon request. Kontomatik supports the accessing of personal data of the account owners, current and saving accounts and transaction history from those accounts.
Under the hood, Kontomatik o mimics a human using a Web browser. By using the very same protocol as a Web browser, Kontomatik can potentially support any bank worldwide in a permissionless way. Kontomatik does not need agreements with all the supported banks as it exemplifies permissionless innovation. Kontomatik natively supports hardware tokens, SMS codes, mobile-application-generated one-time passwords, CAPTCHA pictures, anti-phishing pictures and other types of user authentication
Among the banks supported by Kontomatik technology in various countries are Deutsche Bank, mBank, Raiffeisen Bank, Santander, Citibank, HSBC, BBVA, Scotiabank, Alpha Bank, Lloyds, Barclays, etc. Kontomatik is the fastest-growing banking API provider and has been distinguished by BBVA among the three most interesting examples in the data aggregation APIs segment. Next to this, Kontomatik has been defined as one of the five most useful APIs in the financial world by Huffington Post.
Xignite APIs are used by over 40 startups with the clientele including companies such as Betterment, Wealthfront, Personal Capital, Yodlee, Oracle, SAS, Sungard, Charles Schwab, Navy Federal Credit Union, TD Ameritrade, Brinks, GE and Starbucks.
A particular API of the company called the ‘FactSet Fundamentals’ is one of the first REST-based APIs to provide accurate and trusted historical financials, fundamentals, earnings and more across more than 170 global exchanges. FactSet Fundamentals joins more than 40 other APIs for financial services in Xignite’s API library. APIs from Xignite provide back-end data integration, powering a lot of financial service ventures.
Plaid gives developers the tools to integrate with bank infrastructure and the ability to access and authorize user bank accounts. Plaid offers two primary products through its APIs that allow users and developers to effortlessly interact with financial institutions: Plaid ACH Auth and Plaid Connect.
Plaid Connect allows developers to dig into the narrative by collecting transactional data from credit, debit, checking, savings and more accounts in a clean, usable format. It intelligently matches the merchant name, category, location and address of each purchase.
The Germany-based bank offers a standardized set of RESTful APIs and management systems handled with OAuth for authentication. With Fidor, each user can receive a specific customer ID and associated bank account. Deploying the Fidor API, requests can be made for third party payments or transfers. Single transactions, as well as batch transfers or direct debit withdrawals, can be made using a single API-driven procedure. Web-based requests can be made to retrieve user information such as ID & customer email. The API enables developers to access general account management features.
Fidor combines a full banking license with its own technology and open bank APIs. The fidorOS has been designed to work with an existing core banking system and is expandable beyond traditional banking services. The banking platform is a middleware that provides support for social trading and lending, virtual currencies and emergency loans without being tied to any legacy code.
Figo Connect API allows to easily access bank accounts including transaction history and submitting payments. Bank accounts are the central domain object of this API and the main anchor point for many of the other resources. This API does not only consider classical bank accounts as accounts but also alternative banking services, e.g. credit cards or PayPal. The API does not distinguish between these two in most cases.
Figo Connect is a completely RESTful API and aims to follow as many best practices as possible. The API and its online tools are only available via HTTPS. In addition, its SDKs employ certificate pinning to validate the certificate of the API server to extend beyond the SSL trust chain.
Yodlee Interactive, a division of Yodlee, builds APIs to help customers bring innovative FinApps to market more quickly using rich consumer transactional data. It primarily offers the following two APIs: Instant Account Verification API and Aggregation API, which enables developers to get access to randomized and securitized bank data through the ability to aggregate accounts, whether it’s an investment account, a bank account, a credit card account, a rewards account, an insurance account or some other account.
Besides the above two, the company has launched an Enterprise API, custom-built and co-branded for individual financial institutions. Yodlee’s API also allows geolocation information to be added to financial data. Yodlee developers launched a new set of restful APIs called FastLink that helps a user link multiple bank accounts and cards in one place with an easy drag and drop feature at the back-end.
Pich is banking and financial data provider. The company organizes, collects and aggregates this data for businesses and developers so that they can use it in their services. With the help of Pich’s API, the user can quickly integrate to the banking infrastructure and benefit from the reliable data of these financial institutions.
Pick Link API allows aggregating user-mandated data from accounts across multiple financial institutions. The Pich API provides business and developers with reliable, clean, ￼and enriched transaction data in a machine-readable format. Pich maintains a dormant connection that becomes active the next time the user accesses the application, providing them with the most up-to-date information associated with the account.
Instantor provides online identification and financial data reports based on real-time technology, giving insight to customer’s financial situation (i.e. salary level, spending habits, payday loans, other credits and gambling, etc.) over the last 12 months. This is done through a connection to the bank in which the customer is a client.
The Open Bank Project is an open-source API and app store for banks that empower financial institutions to securely and rapidly enhance their digital offerings using an ecosystem of third-party applications and services.
The Open Bank Project offers an easy-to-use RESTful JSON API that can be connected in minutes to enable integration of bank account information via REST API and use of secure authentication via OAuth implementation. The Open Bank Project exposes transaction data in a simple and consistent structure by abstracting away the peculiarities of each banking system. This is achieved by connectors that interface between the OBP API and each core banking system. This enables application developers to write an app once, and use it for many banks.
The Open Bank Project API supports transparency services via multiple configurable views on transaction data so that, for instance, the public may see most details of an NGO’s transactions whilst still preserving privacy where required. It also supports transaction data enrichment: comments, tags and images may be added to transactions by authorized users, creating a dialogue around the data.
Salt Edge provides account data aggregation, automatic categorization, customer-oriented money management, screen scraping software, omnichannel banking solutions with client analysis and targeted marketing.
Spectre API by Salt Edge is designed both for startups and innovative enterprises who need permission-based access and bank-level security to access their customers’ multiple account types including checking, savings, credit cards, e-wallets, money-market accounts, prepaid cards, investments, insurance, loans and mortgages.
This *list of banking APIs providers offering data aggregation tools is certainly not exhaustive, but it does outline some of the most influential players. *