PSD2 (Payment Services Directive 2) is about to revolutionize the provision of payment and banking services within the European Single Market. All banks will be mandated to expose APIs that allow authorized third parties secure access to account information for making payments and carrying out other kinds of banking and financial transactions. Banks will have to compete with a whole host of new entrants into the payment services markets. They include well-known global companies such as Amazon and PayPal, as well as highly innovative fintech startups. Because PSD2 is enabled through APIs, it will be vital for companies exposing and [...]
The European Single Market came into being in the early 1990s, but was in many ways more of an aspiration than a process. It wasn't just that there were a lots of vested interests that didn't necessarily want to see all of the friction removed from trans-border transactions. There were also a lot of practical and emotional reasons why people might be reluctant to obtain goods and services from countries on the other side of the continent. This was particularly the case in payment and related financial services, which was why the EU introduced the first Payment Service Directive in [...]
Measuring performance from different regions and different clouds is core to what we do and providing developers, managers and product owners with the tools needed to understand what the impact of different locations and clouds is critical. To help people with this information we've set up a network of HTTPbin servers for developers to use to test against. In each of the seven current Google Cloud regions, we have set up a small f1-micro VM running the HTTPbin API service. They are set up within a shared VPC network, which is fronted by the Google Cloud Load Balancer. They [...]
We've been trying to work out the best way of visualizing latency data by location and we're pleased to announce our first version. We're taking the data for each of the steps of an API call we log; DNS look up, connect time, handshake, processing time etc... and map it to circles of varying sized on a map. The map shows where the data center is and the color of the circle indicates the source - blue for Azure, yellow for AWS, red for IBM and green for Google. The large the circle the longer the measured latency. It's already [...]
Two changes this week. Reporting (All Locations) You can now generate reports which show the combined results from all locations.
Great news! APImetrics has just added 20 new API call locations to our options for running API calls. This includes multiple options for India, a second Korea location, more European locations (including multiple locations inside the United Kingdom), and more options for Australia. Here's a fun fact: Location has a significant impact on API performance – and having as wide a view as possible is essential. Check out a full list of our new API call locations: AWS Canada Central AWS AWS EU West 2 (London) AWS AWS US East 2 (Ohio) AWS Azure Australia East Azure Azure Australia Southeast [...]
It's as inevitable as death and taxes. At some point, previously stable APIs start to throw performance errors and generally degrade. This can manifest in a number of ways: The API starts to have more failures. There are more time outs. It gets slow for no apparent reason. There are many reasons for this, from an inattentive dev group to older equipment being used - but the net result is the same. For us here at APImetrics, it's interesting to see how our CASC (Cloud API Service Consistency) Score relates to a company's decision to depreciate the API (sunset the [...]
by Marcelo Graciolli licensed under CC BY 2.0 There are many ways to monitor API security on the web. Some APIs might have no security – you can make a simple HTTP call and get an answer back – but if for whatever reason the data is protected or monitored, it's normal to have some form of API security. This typically takes one of two major formats – an API key, or OAuth authentication. Things get very interesting with OAuth. With OAuth 2, you can set up a scope to allow access to only certain API resources. So [...]
Lots of new content and news in our April update. Check it out here, and if you're interested, why not sign up for our newsletter?
After conducting the largest analysis of API performance ever undertaken, we've reached the same conclusion as we did when we first started with APImetrics. Half of the APIs we survey STILL fall below expected quality standards. As Kin Lane, the API Evangelist says, "you wouldn’t operate an API without having the right data regarding it’s availability and stability—the same is true for the API industry, and the folks at APImetrics have those numbers." In our original study, we were only able to focus on conventional error or success codes like HTTP 200. We didn't have the sophistication to understand more of the context of our [...]