Open banking is accompanied by a slew of hopes and commitments, including democratization of Access to Account (X2A), enhanced competition between banks and fintechs, and improved control over financial data and payments for end-customers.
Fremont, CA: Several API standards initiatives have been developed to promote the adoption of open banking, including Open Banking UK, Berlin Group, STET in France, Polish API, CDR in Australia, and others. A collaboration process between API groups has also been started. In the real world of open banking, however, API users, such as fintechs and banks, have faced numerous challenges in incorporating APIs into single product propositions.
Service-level agreement (SLA)
APIs have been used in software development for decades, and the general assumption, based on the service level agreements of commonly used services, is that a functioning API works nearly 100 percent of the time. In the open banking environment, however, there is more than one vendor, and API providers do not provide a service level agreement. Because of scheduled or unscheduled maintenance work, banks can temporarily disable some or all of their APIs, often without prior notice.
Moreover, banks can experience an issue or error with a particular API endpoint or use case that persists for months. Banks will release new API versions and deprecate old ones based on their roadmaps, with deprecated versions receiving only limited support.
The most common authentication methods listed in open banking API specifications are the redirect model (web and mobile), decoupled, and embedded. Every bank, on the other hand, is different and has introduced different customer authentication elements, such as login/passwords, mobile apps, token devices, SMS, digital signatures, and other Strong Customer Authentication (SCA) options.
Even if the API requirements are the same, banks can choose which authentication methods they want to support, whether that is only redirect, only decoupled, or a combination of the two. Since the user authentication journey varies from bank to bank and also depends on the type of bank customer, companies cannot create a single user journey as easily as they can with card payments.
When we speak of open banking, we usually think of the PSD2 regulation in Europe or Open Banking in the United Kingdom, but open banking regulation has already been implemented by many countries outside of Europe. Some have chosen a structure that is close to that of Europe, while others have taken very different approaches. Furthermore, each country has its own set of data points that are unique to it and have long been used by its banking industry.