Banking: An industry disrupted by digital

CA Southern Africa discusses how APIs enable an omnichannel, mobile-first strategy for next-generation banking experiences.

Johannesburg, 04 Sep 2020
Read time 3min 30sec

Michael Brink, CTO of CA Southern Africa, discusses banking – an industry disrupted by digital.

As banking has changed from an in-person, retail-like experience to online and now to mobile and connected devices, the industry is adopting new standards and creating regulations for data exchange and security*.

The value of these connected banking experiences comes from their ability to take place on any app or device that the bank allows to access its data. Thus, innovation in the space continues to redefine banking and provide new value to customers.

This is the concept of open banking: the use of open APIs to enable developers to build apps and technology integrations through secure access to the data and systems of traditional banks. Banks currently use internal APIs to build agile, customer-centric experiences on top of legacy systems. By creating open, external APIs, banks can enable third-party developers to create apps and services that expand the value the bank provides to its customers — such as through apps on smartphones, smartwatches and connected devices. Thus, banks spur additional integrations and services without having to invest internal resources.

This will enable a cycle of innovation that continues to change how banking is conducted. But open banking mandates that robust API management and security is in place.

New experiences, new challenges

By enabling new digital experiences on mobile apps, third-party services and connected devices, banks are opening themselves to risk by becoming further removed from the user’s transaction. 

They, therefore, must ensure they are able to authenticate the user and secure the transaction even though it takes place on a device that is outside the control of the bank. Full lifecycle in front of API management solutions addresses several key concerns, including integration ecosystem, ease of authentication and streamlined security.

Integrated ecosystem

These new banking experiences are enabled by APIs, which provide the integration and scale to support a broader ecosystem of connected devices and interfaces. APIs allow banks to expose internal data and application functionality to approved apps and services, while monitoring and controlling the flow of data. 

As innovation continues in the banking industry, integration will play a key role in enabling new digital experiences. Banks and service providers will create, deliver and consume significantly more APIs to support this digital innovation.

Ease of authentication

Tools like session management and multifactor or risk-based authentication are used to protect consumers and banks in the digital arena. High-value transactions drive for a step-up authentication method, beyond the username and password, to provide strengthened security. 

Additionally, if a user has been inactive for an extended period on a mobile or connected device, the session will expire and he or she will need to re-authenticate to complete a transaction. These risk-based authentication policies create a greater sense of trust for consumers as they adopt digital banking services.

Streamlined security

Finally, with the broad digital ecosystems created by APIs, banks must have a mindset of end-to-end security throughout not only their internal systems, apps and services, but also for new third- party integrations as well. By exposing customer data and account information to services like digital wallets or peer-to- peer payment apps, banks must ensure that data is protected, and that these services have access only to the limited data that the customer has consented to and that the bank has designated. This requires systems’ security, app security and API security to protect all consumer and enterprise touchpoints from compromise. Layer7 API Management provides the speed, scale and security necessary to evolve your digital banking strategy for IoT.

To learn more, please visit CA.COM/MOBILEAPI’ and see these use cases in action.


Editorial contacts
Manager: Business Development and Marketing Heidi Ziegelmeier (+27) 11 417 8594
Deirdre Blain +27 83 230 5522
See also