How APIs Allow Financial Institutions to Participate in IoT Initiatives

Financial Institutions (FIs) - specifically banks, are outsourcing their own IT staff (developers, to be precise) to either build an API or an aggregator to compile incoming data and create services to better serve customers. Additionally, banks are striking partnerships with marketplace APIs and indirectly with the third-party applications that these APIs support. These partnerships along with APIs’ ability to aggregate data from myriad disjointed sources has conferred them with special status - a conjunction point in the Internet of Things (IoT) world.


Why are so many FIs banking on APIs? 

One of the main reasons why banks are incorporating APIs to attain one or many of their strategic objectives is because they can now, economically and relatively seamlessly add new features and functions into their existing services without having to overhaul legacy banking platforms. In the past, any such exercise would mean seeking approval from the main office, months-long evaluation of build versus buy options, vendor selection, drafting of an SLA and contractual agreement and then finally, eventual implementation and deployment of new features and functions. APIs bypass all these steps and bring new as well as tried and well-accepted solutions to customers in a fraction of the time, cost and hassle. APIs can access data sitting deep within legacy systems and help IT developers to spruce up existing capabilities in no time.

Executives shouldn’t confuse APIs with a duct-tape solution. Well-proven, well-accepted API offerings are compliant with and expected to abide by the stringent data privacy and security standards set by the financial services industry. This is yet another reason why secure APIs can blend in the IoT landscape, alongside device security, secure computing at the edge and encrypted data exchange, which are baseline requirements for any IoT project. Vision API (which includes biometric Authentication), discussed later in this write-up, expands on this premise.End users don’t care (nor should they notice) if legacy systems have been upgraded or if APIs have been added to the mix. For example some top-of-the-line APIs blend so well with legacy systems that they don’t even require the end-user to re-authenticate once they’ve logged into the main Portal.

APIs to shoulder part of the responsibility for Internet of Things (IoT) 

Since, in the foreseeable future, top-of-the line APIs will be setting the stage for IoT; banks should invest time to identify the types of strategic services that they would like to partner on with third parties (including data centers managing edge devices), that would help them offer new service/solutions to customers in the future. For instance, contactless payments can facilitate smart metering at parking lots, billing of utilities such as energy, water consumption, etc. in a smart city Framework. Future APIs can allow customers to view (and analyze) ‘smart billing’ dashboard alongside their regular savings/checking dashboard, that they may use to manage their daily expenses. Customers can use that insight for money management as well as to play a proactive role in advancing sustainability initiatives. This is just one of many ways APIs can bring high-tech IoT to the common man’s doorstep.

Banks should, however, pay heed when – or if - availing a set of APIs cuts into their profit stream from one of their main product lines or if it opens new cross-sell or customer acquisition channels. Of course, the latter is preferred and, in the case of the former, a cost-benefit analysis/trade-off study is suggested.

To further elaborate, APIs role as an IoT conjunction point: in the not so distant future, APIs will be integrated between businesses or a larger community of marketplaces which would most likely be hosted on a third-party infrastructure, such as Google Cloud, Amazon Web Services, or Oracle Cloud. 

This in turn will pave the way for massive data-volume exchange between parties, which will be dissected through analytics to uncover new behavioral patterns and to devise new functions/features. In this case, Total Cost of Ownership (TCO) models, access management, security responsibilities, need to be taken into account for each participant, along with their compliance requirements.

Therefore, APIs done right are anything but a duct tape solution. They are a serious revenue generating mechanism and diversification tool as they allow FIs to expand into e-commerce and retail (at the least), allow cloud services to dabble in personal finance and financial functions, and permit third parties to access top institutions and infrastructure providers. For all of these reasons along with the ability of APIs to connect to diverse industries with diverse types of service providers, they are naturally well-positioned to advance the IoT agenda.  

Which APIs Matter? 

In our opinion, there is no definite answer because a lot depends on the FIs’ business model, long-term objectives and if they are planning to diversify into other industries. For instance, Alipay started out in e-commerce and gradually made its way to financial services (payments), very much riding the success of its APIs. Earlier this year, Visa revealed its augmented and virtual reality (AR/VR) capabilities and has since been positioning itself in retail and contactless payments. However, for the purpose of this discussion, we will focus on multi-purpose, most ‘value for your buck’ APIs that we believe will add value to existing legacy infrastructures with minimal tradeoffs. 
Natural Language Processing (NLP) empowers FIs to improve linguistic-based capabilities such as sentiment analysis and language detection. NLP APIs can help banks realize cost savings and generate new revenue streams -- provided FIs do their part and investigate which business Function (front, middle or back) relies most on communication (written (speech-to-text) or verbal (text-to-speech)) as a means to create value for customers and consequently ROI for that respective department.

Google Translate, Bing Translate, Microsoft Translator are some general purpose Language APIs. FIs can develop their own or strike deals with pre-established API providers whose algorithm is ‘inspired’ (replicates reasoning) by these three. These three are fairly robust with a rich lexicon and can serve as a good starting point. In the API world it is encouraged to not reinvent the wheel. For instance, email trails in money laundering can certainly use sentiment analysis, as can customer service logs during peak hours.

A Language API, one that supports NLP, natural language generation (NLG), and natural language understanding (NLU), can be used to detect suspicious activity and money trails from incoming, external emails, inter-departmental emails and memos. Additionally, Customer Service departments can use a Language API to detect how choice of words – or sentiment - impacts perception of customer care, results in successful issue resolution and if volume of repetitive complaints subside upon successful resolution at the very onset.

APIs, trained on a vast volume and high quality of data with in-built explainability, should always be given preference by FIs. Banks shouldn't just settle for "some API" unless they know exactly how they are hoping to benefit from it.

Besides assisting with the tracking of money laundering or improving customer service, Language APIs can also serve as a conjunction point to track important speech-based-commands and authentication (voice recognition) under a smart home/smart enterprise/smart things framework. For instance, an enterprise might want to track employees who accessed corporate premises during off-hours based on voice command. We highly recommend enterprises to separate ‘speech dashboards’ from balance sheet/income statement dashboards. 

These are some high-level examples. Financial institutions should continue to evaluate if capabilities and functionality of APIs can be integrated between businesses and larger communities or marketplaces. As APIs and OpenBanking garner greater acceptance, they will serve as essential conjunction points. FIs will have to prioritize key players and strike a balance around data sharing, data privacy, customer’s interest, their own interest and greater IoT ecosystem.

The Vision API is another interesting proposition for institutions wanting to cement their high-tech status. It is important to note that this technology requires more time and needs to be integrated with other branches of biometrics. The vision API, in conjunction with biometrics, can play a pivotal role in user authentication and security checks. We don’t recommend facial recognition to authenticate identity as this domain is currently under development and questions around ethical use loom large. However, iris recognition and fingerprint scanning have already proven to be successful and secure authentication mechanisms in many parts of the world across different verticals.

It is advisable that FIs - in particular, community banks and credit unions - do a cost-benefit analysis for their customer base before undertaking Vision API projects. We also believe that, of all APIs available to choose from, banks would benefit most from vision API and biometrics as they could be used to position them for future IoT projects. As mentioned earlier, secure device management, information exchange, secure (encrypted) computing and secure access are non-negotiables in the IoT ecosystem. Vision APIs are a natural fit.

In the future, certain IoT devices will only permit restricted access which, in turn, will rely on biometrics to authenticate user identity. FIs can prepare well in advance by incorporating vision APIs in their systems, starting today.

In case of more sophisticated financial functions such as Commodities Trading, institutions might want to explore Computer Vision APIs or an entirely in-built capability from the ground-up to monitor supply chain, warehouses, output, retail parking lots occupancy, etc. to forecast demand and supply and subsequently, to gauge its impact on commodity prices.

But for now, Vision APIs to manage biometrics of customers and employees is a low-risk, low-hassle foray into the world of APIs, with high value-add potential.

Be sure to read the next Financial article: Daily API RoundUp: Facebook, Great Circle-Squid, Nmap, Tradologics, Game DB