API Strategy for Open Banking
Insights and case studies from leading open banking experts and API strategists.
About the Book
Within API Strategy for Open Banking, we present a holistic API perspective on open banking. We cover PSD2, open banking benefits, developer experience tips, frameworks for high-grade security and access management, and more. We've featured best practices and case studies from some of the world's largest open banking initiatives.
The EU's PSD2 regulation unlocked consumer data, spurring a global open banking response. Making the bank programmable is a win-win-win for banks, developers, and end consumers, but simply being an API provider doesn't guarantee an open banking advantage. It requires "API thinking": a holistic outside perspective that considers the needs of developer consumers. As banks treat their assets more like products, monolithic infrastructure is decomposing into an amalgamation of reusable components.
The financial industry has opened up, to much excitement. However, not all open banking initiatives are successful. In fact, 92% of consumers haven't heard of open banking. So how do we make them care? Banks can encourage adoption by improving the developer onboarding process and evangelizing an internal API mindset. Within API Strategy for Open Banking, we cover business reasons to adopt API-first open banking and see how open banking is being adopted in the EU, US, and UK markets.
API Strategy for Open Banking also describes how to adopt an API specification like OpenAPI to organize and standardize API design practices. It also considers how API security open standards like OAuth and the OpenID Connect FAPI profile can be used to track identity and keep open banking architecture secure.
Table of Contents
- Foreword: Embracing Open Banking
- Preface: APIs Support the Open Banking Movement
- The Premise of PSD2 And Open Banking
  - Open Banking: The Premise and Promise
  - What PSD2 Means For Banks
- 6 Reasons to Embrace an API Strategy for Open Banking
  - 1. Compliance
  - 2. Improved Digital Agility
  - 3. Premium API Products
  - 4. Increased Customer Satisfaction
  - 5. Potential for Collaboration
  - 6. Wider Client Base
  - Conclusion
- Bring on the Players: Who Wins in Open Banking?
  - What Open Banking Really Means
  - Comply-first Providers
  - Protectionists
  - Open-first Providers
  - Plotting the Opportunity
  - Final Thoughts
- Case Study: Nordea’s Journey to PSD2 Compliance, 300 Signups in 72 Hours
  - A World Beyond PSD2 Compliance
  - Final Thoughts
- FinTech and APIs: Making the Bank Programmable
  - What is FinTech?
  - Advantages of Exposing a Bank with an API
  - Banks and FinTech Can Play Nice
  - Use of APIs: In-Account App Marketplace Concept
  - Data Transparency and the Rise of Open Banking
  - New Platforms Lead to Unexpected Innovation
  - More Advances in the Financial Sector
  - Conclusion
- How Can Consumers Relate To Open Banking?
  - Building Context for Consumers
  - Open Banking Must Foster Trust With End Users
  - Control Matters
  - The Open Banking Marketplace
  - Final Thoughts: How to Establish Consumer Faith in Open Banking
- How Banks Are Becoming Uberized
  - APIs are Nothing New
  - Smartphones: Kindling a Change
  - Time to API Up
  - Building with Purpose
- How Does Open Banking Apply to US Banks?
  - Regulation in Europe
  - Regulation in the US
  - The Role of the Market
  - Final Thoughts
- Case Study: From API Doing to API Thinking at ING Bank
  - APIs versus Web Services: What’s the Difference?
  - API Doing vs API Thinking
  - APIs and Customer Journeys
  - Why API Doing is Equally Important
  - From API Doing to API Thinking
- Open Banking Amplifies the Need For Definition Driven APIs
  - Adjusting Practices With The Shifting API Landscape
  - How OpenAPI Specification (OAS) Accelerates API Development
  - Supporting OAS Throughout the API Lifecycle
  - Final Thought: Drive Open Banking API Strategies with OAS
- High-Grade API Security For Banks
  - Regulatory Compliance Considerations
  - Identifying Vital Data
  - Potential Vulnerabilities
  - API Security Methodologies
  - Security is The API Provider’s Responsibility
  - Recent Exploits and Breaches
  - Conclusion
- Is OAuth Enough for Financial-Grade API Security?
  - Can OAuth Make The Grade?
  - Some Tokens Are Unbearer-able
  - Away With The PKCEs
  - Signed, Sealed, Delivered
  - What’s Next For Financial Grade API Security?
- OpenID Connect: Overview of Financial-grade API (FAPI) Profile
  - What is FAPI?
  - Adding Resilience: The Read-Only Profile
  - Bullet-Proofing: The Read-Write Profile
  - Improving OAuth 2.0: JWT-Secured Authorization Codes
  - Decoupling Authentication: Client-Initiated Backchannel Authentication
  - Final Thoughts
- Case Study: Growing Internal API Consumption in Danske Bank
  - The Path Towards APIs
  - Set-and-Forget Performance
  - Identifying Setbacks… and Addressing Them!
  - The Results
  - Summary
- It Started With PSD2 and Personal Data
  - The Status Quo
  - Regulatory Impact
  - The Open Banking (and Data) Landscape
  - Final Thoughts
- Nordic APIs Resources