Open APIs in Banking Speed Fintech Innovation & Deployment
November 15, 2022
What are open APIs in banking?
Open APIs (application programming interfaces) allow two or more programs to talk to each other. Public APIs are behind the scenes of almost everything you do online, from using social media apps to checking the weather and making a purchase. They’re what connect all of our mobile devices to the internet.
Open APIs in banking are used to transfer customer and transaction information between organizations. These organizations can include your company, the issuing bank, the payment processor, the card embosser, etc.
Let’s say your vision is to create a banking product that will change people’s lives. You could go about creating it in one of two ways:
1. You could create your own digital bank, apply for a bank charter, issue your own debit cards and set up a connection with a payments network like Visa or Mastercard.
2. You could plug into a platform that already has the relationships and connections to each of these.
Option No. 1 rarely happens because of the cost and time to get to market (although a few digital-only neobanks have taken on the years-long process of applying for a banking charter or acquiring a bank). A financial technology provider such as Galileo can help you get your idea off the ground faster and with less complexity by using open APIs.
The payment processor becomes the hub between you, the bank, the embosser and the payments network, and information is shared in real time across each platform through open APIs.
How do banking APIs work?
When it comes to banking, there are many platforms and players involved in the movement of funds, sharing of information, and transacting via POS and online. To communicate with each system, you can only use the API layers and services that the organizations have made openly available.
Open access to banking APIs and services is becoming more common as the world moves toward an open banking system. APIs play a critical role in creating a seamless user experience while at the same time keeping information safe and secure.
Each request to communicate with an external system is done via an endpoint, which simply means a point of contact for you to submit your inputs, i.e., data. With each endpoint, there is a protocol about what inputs are required and what result you’ll get in return. If you don’t supply the correct inputs, your request will get rejected.
APIs typically have documentation explaining how to communicate effectively with the endpoints.
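What "rejected if you don't supply the correct inputs" can look like on the receiving side, as an added example (not code from Galileo or from the original article). The endpoint, its field names and their formats are hypothetical, and the sample requests are constructed.

```python
import re

# Hypothetical contract for a "transaction history" endpoint (constructed for
# illustration; not any real provider's schema).
REQUIRED = {
    "account_id": re.compile(r"[0-9]{6,12}"),
    "start_date": re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}"),
    "end_date": re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}"),
}
OPTIONAL = {"page_size": re.compile(r"[1-9][0-9]?")}  # 1..99


def validate_request(params):
    """Return (http_status, errors). Anything outside the contract is rejected."""
    if not isinstance(params, dict):
        return 400, ["body must be an object"]
    errors = [f"missing required input: {n}" for n in REQUIRED if n not in params]
    for name, value in params.items():
        pattern = REQUIRED.get(name) or OPTIONAL.get(name)
        if pattern is None:
            # Allow-list: unexpected fields are refused, not silently ignored.
            errors.append(f"unknown input: {name}")
        elif not isinstance(value, str) or not pattern.fullmatch(value):
            # Name the field but never echo the value back to the caller.
            errors.append(f"malformed input: {name}")
    # ISO dates compare correctly as strings once their format is validated.
    if not errors and params["start_date"] > params["end_date"]:
        errors.append("start_date is after end_date")
    return (400, errors) if errors else (200, [])


# Constructed sample requests.
GOOD = {"account_id": "12345678", "start_date": "2022-10-01", "end_date": "2022-10-31"}
MISSING = {"account_id": "12345678", "start_date": "2022-10-01"}
EXTRA = dict(GOOD, is_admin="true")
BAD_TYPE = dict(GOOD, account_id=12345678)
REVERSED = dict(GOOD, start_date="2022-11-01")

if __name__ == "__main__":
    for label, req in [("good", GOOD), ("missing", MISSING), ("extra", EXTRA),
                       ("bad type", BAD_TYPE), ("reversed", REVERSED)]:
        print(label, validate_request(req))
```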
What is an example of an open API in banking?
To dig deeper into what an open API in banking is, let’s consider a real-world example outside of banking. Think back to the last time you sat down in a restaurant and ordered food. Did you enter the restaurant, walk to the back kitchen and tell the cook what you were in the mood for? Most likely not.
You probably sat down at a table and waited for a server to ask you what you would like to order. But you didn’t come to the restaurant to talk to the server. The cook is the person you want to communicate with, but you don’t have access to the internal operations of the restaurant. Here’s a simplified process of how ordering food looks.
1. You tell the server (the endpoint) what you would like
2. The server writes down your order following a specific protocol that will determine the outcome
3. The order information is then taken to the kitchen and given to the cook
4. The cook accepts the order and prepares it
5. Once the order is complete, the server takes the order from the cook
6. Finally, the order is delivered back to you for your consumption
In this example, the server is the API. The cook has the skills and capabilities to deliver something that you want, and the server is the one that communicates and delivers between both parties.
Now let’s look at an example in the banking world. In this example, we’ll use three parties: the issuing bank, the payment processor API, and the customer’s app.
1. Your customer opens your app to view their account history
2. The payment processor receives a request to display transaction history and account balance
3. The information is requested from the issuing bank and the payment processor acts as the system of record
4. The bank receives the request and the transaction history and balance are sent to the payment processor
5. The information is then made available from the payment processor via an API and displayed on your app
6. Lastly, the customer can view their account history and go about their day
This process happens in the blink of an eye.
Each time a customer opens their app or makes a purchase, there are a lot of things happening behind the scenes. The example above is a simplified view that only scratches the surface of everything that takes place each time someone logs into your app, but you can see how critical the passing of information is across different organizations. Open APIs in banking can be used in many different ways and scenarios.
What can banking APIs do?
Here are a few examples of what APIs can do in the banking industry.
• APIs that handle core banking can create accounts, open checking and savings accounts, check balances and transaction history, etc.
• As the name implies, APIs that enable card issuance allow you to set up credit, debit, prepaid or virtual cards, activate cards, reset PINs and reissue cards.
• Using APIs that facilitate KYC (Know Your Customer) tasks, you can verify information about your customers such as Social Security or driver’s license number, depending on what your program is required to support.
What are Galileo’s APIs?
Program API
Galileo’s Program API enables clients to add, modify and request customer (i.e., cardholder) account data on the Galileo platform. Examples include opening/closing an account, checking an account balance, paying a bill and freezing a card.
Clients submit an API call to Galileo, e.g., to create an account. Galileo generates a response to the call that communicates to the client whether the call was successful, and returns the requested data elements, e.g., the account balance.
When a customer completes an action in a client's app (e.g., signing up for an account), a Program API call is sent to Galileo. This results in an update to the customer's account on Galileo's platform.
Real-Time Events API
Galileo’s Events API alerts clients that an action was taken on a customer's account, such as an address change or the posting of an adjustment.
Clients have the option to use the Events API as a trigger to notify the customer that the action was taken on their account.
Authorization Controller API
By default, Galileo applies advanced logic to authorize customers' transactions on behalf of clients. However, clients can also choose to use the Authorization Controller API (or Auth API) to actively participate in their customers' transaction approvals and declines.
With this API, during the authorization request process, Galileo can send a notification to the client with information about the authorization request. The client can then respond with a decision to approve or decline that request.
External Transaction API
Galileo’s External Transactions API allows clients to participate in the decisioning for:
• Approving/denying bill payments
• Approving/denying ACH debits
The External Trans API process is similar to that of the Auth API, but for bill pay and ACH debits.
Dispute API
The Dispute API is a cloud-based, conversational API that creates and submits disputes to Galileo's dispute platform.
Are open APIs secure?
Whether or not the API is secure depends on where it originated. At Galileo, we take extra steps to ensure our APIs are secure.
“Everything we do is designed to be secure by default,” notes Galileo’s Chief Technology Officer Jeff Currier. “That means all data and information flowing to and from our platform is encrypted, both in transit as well as at rest. We also conduct regular and frequent reviews with our information security team to ensure we meet the security standards and compliance obligations we have as an API service provider.”
Who can use open APIs for banking?
This is sort of a trick question. While open APIs are available for anyone to use, the design of the API also ensures that only authorized individuals can access individual customer data. However, not everyone will want access to them. A better question may be, who uses open APIs for banking?
89% of banks leverage APIs to collaborate with fintech firms as part of their business strategy, according to the Capgemini World FinTech Report. But APIs are not just for banks, credit unions and neobanks. Here are a few other organizations that may use open APIs for banking purposes:
Why are open APIs important for banking and fintechs?
If APIs didn’t exist, entrepreneurs would have to build everything in-house to get their fintech off the ground, which is a near-impossible task. Having the ability to plug into other platforms and systems via APIs increases speed to market and scalability.
Working with APIs opens up an entire world of possibilities by lowering costs and saving time. APIs are what enable countries and the world to move toward an open banking system.
What is the difference between open banking and open APIs?
Open banking and open APIs are related but distinct concepts in the financial technology industry.
Open banking refers to a regulatory framework that requires banks to securely share customer financial data with authorized third-party providers. This allows for the creation of innovative financial services and products that are not offered by traditional banks.
Open APIs, on the other hand, refer to application programming interfaces that allow third-party developers to access bank systems and build financial services using customer financial data. Open APIs play a key role in enabling open banking by providing secure access to customer financial data.
Examples of open banking include:
• Personal finance management tools that allow customers to see all their bank accounts in one place
• Loan and investment services that use customer financial data to offer personalized lending and investment options
• Payment services that allow customers to make real-time payments directly from their bank account
Examples of open APIs include:
• An API that allows a loan provider to access a customer's bank account data to determine their creditworthiness
• An API that enables a financial advisor to access a customer's investment portfolio data from multiple banks to provide more comprehensive financial advice
• An API that enables a fintech company to offer customers the ability to track their spending and budgeting across all their bank accounts
What are the benefits of API banking?
Now that you have a better understanding of what API banking is, what are the major benefits of using APIs in the fintech industry?
• They make transactions faster and more secure for all customers and partners
• They speed up development time and help access multiple applications
• They facilitate a personalized user experience
• They enhance connectivity between various financial and transactional accounts
• They create a cohesive ecosystem by providing real-time access to customers for all their applications and transactions
• They lower costs of entry for entrepreneurs and innovators
• They save significant time by eliminating the need to develop the applications in-house
How does Galileo power digital banking?
Open APIs are reshaping the future of the financial services industry. Banks, financial institutions and other enterprises that understand and tap into their power will be the leaders in innovation now and in the future.
Galileo enables the digital banking experiences on which cardholders rely for essential services such as direct deposit, bill payments and transfers.
Where will Galileo's APIs take you?
Galileo’s open APIs can help you create competitive digital banking and embedded payment solutions.