All-In-One Scriptless Test Automation Solution!

Generic selectors
Exact matches only
Search in title
Search in content

Use Case Study

How we Implemented Open Banking APIs to Enhance Collaboration with Third-Party FinTech Platforms

Overview

Once the customer has consented to use their personal information, integrating external third-party services can open-up several benefits.

For example, integrating Open APIs of third-party solution providers into the loan portfolio management system can enhance decision-making processes.

Open API integrations can help the bank in accelerating and modernizing processes related to assessment of credit risk, to predict loan defaults, optimize loan pricing, and improve portfolio diversification strategies.

However, banks also need robust compliance testing to navigate concerns regarding compliance with regulatory standards, particularly around fairness, transparency, and data privacy.

Complexities involving the bank’s API architecture:

  • A bank’s payment processing or loan disbursal API is designed to handle various complex tasks –processing payments, verifying customer accounts, checking transaction limits, applying fraud checks, and calculating transaction fees
  • When all of these tasks are managed within a monolithic API design, it can lead to complex and deeply nested endpoint structures
  • This design required several parameters and nested substructures within a single endpoint, making it hard to maintain, prone to latency issues, and difficult for developers to use

Examples of Open APIs that you can easily integrate to collaborate with third-party solution providers:

APIs in financial operations

  • Bank reconciliation to expense tracking
  • Transaction categorization, invoice generation, and financial reporting
  • Managing payments, billing, and financial reporting

APIs for Budgeting and Saving

  • Suggests savings goals and automate transfers based on income and spending patterns
  • Investment API calls can offer personalized strategies aligned with user goals
  • Categorize expenses to generate monthly spending reports, and send alerts when budgets exceed

Personalized Finance Services

  • Retrieve account information, transaction history, and other financial data with users’ consent.
  • Let developers analyze spending habits to give personalized recommendations
  • Give offers by forging tie-ups with third-party investment advisory platforms

Our Solution: How we Integrated COBOL-Based Systems with Open APIs

  • We implemented data transformation middleware to convert COBOL data into JSON. However, the middleware added latency to API responses and required extensive testing and validation to ensure data consistency, as any mismatches could lead to compliance issues or transaction errors
  • We implemented an intermediary system that listens for transactions and immediately updates account balances in the mobile app using approximate real-time data. However, this led to discrepancies between the account balances shown in the app and those in the core banking system
  • To secure data, we implemented a secure API gateway that manages authentication, encryption, and tokenization. Yet, the COBOL system itself couldn’t directly support these protocols, requiring extensive modifications and additional layers to keep data secure
  • We used an error-logging tool within the API layer to capture detailed error data and create custom error codes for support teams. However, translating these errors to the COBOL system required further development
  • To reduce latency, we implemented an interim data store that holds a copy of transaction data in near-real-time. However, keeping this interim data store synchronized with the COBOL system required a complex event-driven architecture
  • We employed a load-balancing strategy and introduced throttling mechanisms to restrict API access based on demand. However, throttling negatively impacted customer experience, as third-party apps faced delays or limited functionality during high-traffic periods
  • To address this issue, we built a test harness that simulates the COBOL system’s behavior. However, the harness required frequent updates to match the COBOL environment and could not fully mimic live production conditions, leading to some undetected issues

Challenges

  1. Challenge of Data Incompatibility

The bank has a legacy COBOL system that stores customer data in a proprietary format. To meet regulatory demands, the bank wants to expose customer information through an open API. However, the legacy system’s data format is incompatible with modern JSON or XML structures required by the API.

How we Helped: We introduced a caching layer to store frequently requested data in JSON format, reducing the load on the middleware and improving API response times.

  1. Real-Time Transaction Processing Delays

The bank wanted to integrate a mobile banking API with its legacy COBOL core banking system to offer real-time account balance updates. However, the COBOL system processes transactions in batch mode, only updating balances at certain times of the day.

How we Helped: To address this, we implemented an asynchronous update mechanism that periodically reconciles account balances between the COBOL system and the mobile API, but this required careful customer communication to set expectations around real-time accuracy.

  1. Compliance and Security Concerns

The bank wanted to open its core banking data via an API to allow third-party fintech integrations for enhanced customer insights. However, the COBOL system was built without today’s security standards, making it challenging to safeguard sensitive information as required by modern compliance regulations, like PCI DSS for payment data.

How we Helped: While the API gateway helped with security, the performance impact of added encryption and authentication checks slowed down transaction processing. The bank invested in performance optimization but ultimately limited API usage to specific use cases due to the complexity and cost of upgrading security.

  1. Lack of API Error Handling and Monitoring

A regional bank integrated a customer account management API with its COBOL-based system to allow customers to update personal details. COBOL systems often lack modern error-handling capabilities, so when API calls failed, the system provided limited error feedback, leaving support teams without critical insights.

How we Helped: While this logging solution helped with error monitoring, the need for detailed COBOL-to-API error mappings and support for real-time monitoring delayed development by several months.

  1. Challenge of High API Latency Due to Batch Processing

A major bank developed APIs to expose transaction history to third-party budgeting apps. The COBOL-based core system relied on nightly batch processes to calculate and log customer transactions, resulting in delayed data availability in the API.

How we Helped: Although the interim store improved API response times, maintaining synchronization across the two systems required constant monitoring, with additional costs for database management and event processing.

  1. Scalability Limitations

A global bank launched a new service allowing third-party integrations with its payment API. Due to the increase in API traffic, the COBOL system struggled to handle the load as it wasn’t built to support high-volume, concurrent transactions.

How we Helped: The bank ultimately chose to offload some of the processing tasks to a cloud-based microservice, which limited direct calls to the COBOL system, improving API responsiveness while reducing the burden on the legacy infrastructure.

  1. Testing and Debugging Challenges

During API development, a bank struggled to test interactions between modern APIs and its COBOL system due to a lack of development and testing environments that fully emulated the legacy production environment. Each deployment carried a risk of unforeseen issues and downtime.

How we Helped: The bank encountered several production issues post-deployment, resulting in additional costs and reputational risk. Eventually, they invested in specialized COBOL expertise to create better testing solutions and mitigate risk.

How We Enabled Microservices Driven Architecture to Ensure the Success of Open APIs

The bank needed to seamlessly integrate with various third parties through APIs. This required an enterprise-wide adoption of microservices to ensure APIs interact with one another and consume data from core banking backend systems.

An Example of Offloading Logic to Microservices

To simplify the API, our experts begin breaking down functions and data groups into separate microservices:

  • Payment Service: Focused only on the payment processing functions
  • Customer Verification Service: Handled all customer verification checks
  • Fraud Detection Service: Dedicated to fraud checks based on customer transaction patterns
  • Fee Calculation Service: Calculated fees based on transaction details and customer account information
  • Transaction Limit Service: Checked limits based on customer history and account type

Each microservice has its own endpoint and is responsible only for a specific part of the payment process.

Example of New API Architecture

The main API endpoint for payment processing has become much simpler and follows a clear, sequential design:

When this endpoint is called, the following process happens in the background:

  • Customer Verification: API is called to confirm the customer’s identity
  • Transaction Limit Check: API verifies that the transaction is within the customer’s allowable limits
  • Fraud Detection: API verifies if the transaction matches known fraud patterns
  • Fee Calculation: API helps calculate any fees based on transaction type

Payment Processing: API notifies if all checks pass and is called to finalize the transaction

The Impact: Accelerated Application Development

  • New architecture allows the bank create and deploy 25 new application features in a few days
  • Ensures 100% adherence to regulatory requirements as mandated by PCI DSS, AML, Capital Stock, etc.
  • Resolved all latency issues and ensured 99.99% uptime in all applications used by employees and customers
Open Banking API

 

Download More Case Studies

Get inspired by some real-world examples of complex data migration and modernization undertaken by our cloud experts for highly regulated industries.

Contact Your Solutions Consultant!

India Job Inquiry / Request Form

US Job Inquiry / Request Form

Apply for Job