API Standards: Who Watches the Watchmen?

I am fond of the saying, Who watches the watchers? When applied to the API sector, it addresses a very real problem: How do you manage standards and adherence to standards in the API space? Nacha, the payments association, have announced new standards for electronic payments APIs. The work is being led by Apigee and Accenture, two major players in enterprise APIs. Apigee famously provided one of the major gateway products, and was acquired by Google. Accenture does consulting for many, if not all of the major global finance companies. Standards make sense We see a lot of divergence around [...]

By | 2018-04-18T01:46:54+00:00 April 16th, 2018|Opinion, Sectors|0 Comments

PSD2, Open Banking and North America: Part II of II

This is part II of a two-part series. To jump back, read this first. The paradigm within PSD2 and open banking generally is that anyone can connect to anyone. A few US banks have shown some interest in using external APIs, but generally only to connect to a limited number of partners. So, the US model is very much closed banking. So there are likely few open banking API developer programs in the US that we can join. Capital One is, of course, a notable exception, although they are not really promoting true European-style open banking. Companies that provide [...]

By | 2018-04-07T08:52:10+00:00 April 6th, 2018|Fintech, Opinion, Sectors|0 Comments

PSD2, Open Banking and North America: Part I of II

It is universally accepted that Europe is far ahead of North America in the development of open banking. What activity there is mainly focuses on aggregation. But this is just one part of PSD2 (the account-related component). The payment component is much less developed. The best-known aggregator is Mint, but there are a number of other companies in this space (Acorns, Digit, Kabbage, Betterment). Mint has been around for a number of years now, but many banks are still reluctant to let third parties access customer information. This means that aggregator apps are often still reliant on screen scraping [...]

By | 2018-04-05T08:36:00+00:00 April 5th, 2018|Fintech, Opinion, Sectors|0 Comments

200 OK? Check Again.

Something we've talked a LOT about is when an API returns a HTTP 200 ok code, but the API returns an error. This can be a challenge for a gateway's passive monitoring and backend services to spot because, technically, nothing went wrong. Take a look at one we had just this morning from the APIs for a major IoT provider. HTTP/1.1 200 OK Date: Wed, 21 Mar 2018 09:10:52 GMT Server: Apache Vary: Accept-Encoding { "status": 2XXX, "body": {}, "error": "An unknown error occurred: Maintenance mode, please check http://status.fakename.com/" } It's vital to have active monitoring that not only [...]

By | 2018-03-23T09:47:05+00:00 March 22nd, 2018|Opinion, Programming Tips|0 Comments

What Do Telecoms And Banks Have In Common? APIs.

What do telecoms and banks have in common when it comes to APIs? Well, in the early days of the API revolution – as long as 3 or 4 years ago! – there was a race by telecoms to open up their backend services to APIs. The logic was they could monetize services like SMS, MMS, location, payment and so forth. What they wanted to avoid was being relegated to a role purely as a data and call provider. As a monitoring company, we did a number of projects with them. And one of the clear facts that emerged [...]

By | 2018-03-21T08:53:57+00:00 March 21st, 2018|Fintech, Opinion, Telco|0 Comments

Active Monitoring: Never Hesitate to Go Active

The transducers in the sonar for HMS Dreadnought, Britain's first nuclear submarine, were actually designed to ping all the way across the Atlantic and back again. But for the last five decades, submarines have not had that telltale "ping" sound you know from the movies. After all, going active will give away your position. But it will also give you a lot of information about your situation that you are never going to get from passive sonar. Luckily, you don't have to worry about going active with your API monitoring giving away anything to your "enemies." A manager might know [...]

By | 2018-03-14T12:42:22+00:00 March 14th, 2018|Fintech, IT and Cloud, Opinion|0 Comments

PSD2 Active API Performance Monitoring: You Can’t Do That From Here

API performance monitoring is part of managing, and here at APImetrics our mantra is: You have to manage your APIs. And if you are relying purely on passive monitoring of API gateways, you are not monitoring your APIs because you don't actually know how your APIs are really behaving from the end-user perspective. Open Banking is a cluster of innovations driven by the new technologies and pent-up customer demand for truly 21st century banking. PSD2 is a EU directive mandating that banks and financial institutions across the European Single Market allow access to their systems for the purposes of [...]

By | 2018-03-13T18:17:06+00:00 March 6th, 2018|Fintech, News, Opinion|0 Comments

Open Banking APIs: Working Together To Make It Work

In reading up on Open Banking, we recently came across an interesting letter from Olivier Guersent, the European Commission's Director‑General for Financial Stability, Financial Services and Capital Markets Union to Andrea Enria, the Chairperson of the European Banking Authority (EBA). The fact that such personages are exchanging letters about APIs tells us something about their perceived importance in the present and future worlds of open banking. And, tellingly, M. Guersent's views about how to manage APIs are aligned with the recommendations of best practices that we at APImetrics have made. The letter states: It is not possible for EBA [...]

By | 2018-03-15T07:13:20+00:00 March 2nd, 2018|Fintech, News, Opinion|0 Comments

Open Banking APIs Need PSD2 Monitoring – Now

Finextra's piece, "How Open Banking Will Blow Core Systems Out of the Water," says that the three hottest TLAs in banking are APIs, PSD2 and DLT (Distributed Ledger Technology). DLT is the generalization of blockchain-type systems. You don't have to use blocks to have a chain. According to the article, this isn't considered to be a mature technology. But though it's very exciting, it concerns us only indirectly through the use of APIs with DLT. APIs and PSD2, of course, are our bread and butter. The article raises a couple of points that we at APImetrics have been saying over [...]

By | 2018-03-14T12:47:50+00:00 February 27th, 2018|Fintech, Opinion|0 Comments

New: Monitoring the Untestable – A White Paper from APImetrics

APImetrics has just published Monitoring the Untestable, a new white paper that focuses on the Catch-22* at the heart of PSD2 and open banking: if you don’t actively monitor your production environment with synthetic transactions, you have no idea whether your bank’s APIs are truly compliant at any given moment. But banks are often reluctant (with good reason) to allow testing in the live environment. As we've said, to manage your APIs, you must monitor them. But if you are only passively monitoring your APIs, you are not monitoring them – which means you are not managing them. So, it's important to actively monitor [...]