Manage all aspects of the third party developer experience by providing a common developer portal with a catalogue of PSD2 APIs from participating banks.
AMPLIFY™ API Management Results A new open banking compliance-as-a-service marketplace that allows multiple banks and fintech providers to offer all their open APIs on one platform, with 800,000 end customers ready to use LUXHUB in 2019.
Staying competitive in the age of GAMFA (Google, Amazon, Microsoft, Facebook, and Apple)
For the last several years, fintechs have often been framed as being a big threat to banks. fintech startups can act quickly to create delightful customer experiences (CX) that drive adoption of their app products. This lets the startups create a foothold where they can expand out from being a CX-focused app into a genuine business that offers a range of nextgeneration digital services. The customers who joined them to make use of their app end up using more of their digital financial service offerings. Where fintechs can’t provide the full suite that banks offer, they partner with other fintechs — like N26 and TransferWise have done, for example — to provide a fuller complement of services, and to compete more effectively with established enterprises.
The API Days Banking APIs: State of the Market Report 2017 outlined how fintech and digital banks can use APIs to compete against traditional banks.
Some conservative banks and industry analysts still want to frame fintech as being a bank’s main competitors, and they lament a startup’s ability to iterate quickly without the hassles of a legacy infrastructure that needs to be reoriented each step of the way (let alone the internal management processes that also slow down project approval and oversight and add months to a project timeline). Others have recognized the CX capabilities of fintech as an opportunity. They have created new partnerships to leverage partner APIs so that they can offer new services within a bank’s customer-facing apps. In this way, while it is true that fintech do present some threats, partnerships can alleviate some of that risk.
By far, the bigger threat to banks’ incumbent positions are the GAMFA giants (Google, Amazon, Microsoft, Facebook, and Apple). These players already have a number of characteristics that pose significant threat to banks:
- They have large customer bases and have already built customer trust
- They regularly iterate on security and privacy, and message their customer base on their feature enhancements
- They have already implemented a platform model that allows for network effects and for consumers to co-create their own value
- They have payments licenses and, increasingly, are offering other financial services licenses
And what’s more, they are already API-literate and have dev teams working with an API-first IT architecture focus. How will banks be able to compete as GAMFA increase the financial services they offer, from payments and transfers via Facebook messaging, to Amazon merchant loans, to Microsoft loan risk modeling?
Philippe Lazier from Axway, believes one strategy banks could adopt to counter the threat of GAMFA is to experiment with more co-opetition models (or what has been referred to as “open banking”). A co-opetition model recognizes that industry competitors often need to work together in areas where the market has been commoditized, and then to specialize on their unique value propositions within that new market landscape. For many banks, the drivers towards open banking are the ability to adhere to regulations and to stay relevant to their customer base.
That is definitely the context with the Second Payment Services Directive (PSD2) in Europe, and a similar environment is emerging in other regions where national regulations are beginning to promote open banking API standards. PSD2 enables Third Party Providers (TPPs), such as fintechs, to initiate payment on behalf of a banks’ customers and to enable them to access account information, through APIs, where the bank customer has given consent. In Europe, there is no competitive benefit to releasing a unique PSD2-designed product: all banks must use the same standards to build their PSD2 APIs. Regulations also enforce banks to make consented payments and account information-sharing frictionless, which means they must be open without financial barriers such as additional fees.
So Lazier argues that it is more cost-efficient for banks to all agree to work quickly, share the same PSD2 model, and publish their APIs together so that each can then compete on their unique differentiation, whether that be extended API products, or by building relationships with specific developer segments.
This is exactly the approach being taken by new open banking platform, LUXHUB
LUXHUB: A single portal for banking APIs
LUXHUB is a new open banking service that allows multiple banks and fintech providers to offer all their open APIs on one platform.
“It’s a marketplace,” says LUXHUB CEO, Jacques Pütz. “We already have 800,000 end customers ready to use the services on our platform in 2019.”
Pütz says LUXHUB will publish a developer portal with a catalog of the PSD2 APIs available from each of the banks that came together in a co-opetition model to release their APIs.
Supervised fintechs and banks can sign up to access each individual bank’s APIs through LUXHUB. The LUXHUB platform then manages all aspects of the third-party developer experience.
- Publish each bank’s APIs
- Ensure that third parties have the appropriate AISP (Account Information Service Provider) or PISP (Payment Initiation Service Provider) certification required to access payments and account information on behalf of consenting mutual customers
- Manage API consumption by third parties (by offering a mandatory sandbox and documentation, by enabling management of API consumption, and by hosting helpdesk support)
Pütz believes this shared portal will be an important mechanism to help banks of all sizes promote their APIs to third-party developers. Each bank or fintech that signs up to release their APIs will be able to add a full catalog to their developer portal page, not just share their PSD2 standardized APIs.
“In the future, banks can create new services,” said Pütz. “An accountant may want to have more details about payments that are not in the PSD2 context. It will be possible for a bank to expose other web services as APIs that might offer this additional level of information. That could be a paid service, so banks will be able to provide that product via our platform.”
LUXHUB’s focus on providing a common developer portal for banks is an example of a new industry subsector created because of APIs and PSD2: the emergence of compliance-as-a-service products.
Pütz explains: “On our platform, we are offering a lot of services that assist banks with the validation of the AISP or PISP certificates of the third-party developers,” he said. He lists a range of examples:
- Each AISP or PISP certificate will be validated by LUXHUB, so banks don’t have to develop the workflow and internal systems to do that themselves
- At the standards level, every bank exposes their APIs in STET and Berlin Group standards
- LUXHUB helps ensure banking APIs have a 24/7 availability of access for their services.
- Since banks are obligated to offer a sandbox environment so third parties can validate their API implementations, LUXHUB offers this as well
Under PSD2 regulation (alongside other new requirements such as the General Data Protection Regulation, GDPR), banks are obligated to carry out many of the above tasks but there is no competitive advantage in doing so. Therefore, Pütz believes it makes more sense for a centralized platform to deliver all of these regulatory requirements on behalf of banks, so that banks can concentrate on how APIs will require new business models and new revenue stream pursuits in the future.
Using LUXHUB, banks can prepare reports as needed to demonstrate compliance with regulation, without having to maintain those systems internally.
A modularized platform approach
LUXHUB’s platform is composed of a suite of functionalities including the compliance-as-a-service tasks, the developer portal catalog, and API management capabilities such as being able to monitor and rate limit third-party consumption of a bank’s APIs.
Banks and fintechs wanting to utilize the platform don’t necessarily need to make use of all of those features.
The modularized approach also helps banks speed up their launch of new API products. “One big advantage is that banks now have a standard interface for integrating with third -party providers. So they can reuse the security and identification part of their PSD2 APIs for the development of new API products as well,” says Pütz.
Without LUXHUB, some banks are taking a more severe road to avoid having to duplicate the work that this open banking platform is doing. “We know of one bank already that will no longer offer payment accounts. They have said they are only doing asset management from now on, no more cards. They took this position to avoid the headache of PSD2 regulation,” Pütz said.
Enabling banks to explore new business models
Whether GAMFA giants can topple banks or take a large chunk of their market share will depend on how willing a bank is to adapt and experiment with new business models.
“Right now, the chain of value is 100% to banks, but that will change in the future,” says Pütz. “Banks will have to reinvent themselves, they will have to change their culture, and their revenue streams. The GAMFA giants have so much money and clout. Each customer of a bank is already probably a customer of Amazon. People already have trust in Amazon, so banks can’t say that trust is their competitive advantage.”
Pütz says one of the advantages of the common open banking platform approach is that banks can work together to identify non-PSD2 API opportunities. And by leveraging the demand side, LUXHUB can introduce strategic fintech API consumers to a pool of banks to discuss new products and business partnerships. Pütz gives the example of a fintech with a very specialized financial services offering. Via the LUXHUB platform, banks could offer a white label version of the fintech’s service via their shared LUXHUB APIs. “That is one revenue stream for banks in the future, in my opinion,” suggests Pütz.
Built with a security focus, using Axway’s API management solution
LUXHUB is built in a managed service environment, hosted in Luxembourg, with no intention of using cloud service providers to hold their data. LUXHUB has an accredited tier-4 data center environment.
Using Axway AMPLIFY API Management, LUXHUB is able to document APIs in the Open API Initiative specification, making it easier for third-party developers to understand how the API functions. LUXHUB has done the work of ensuring the API definition matches PSD2, STET, and Berlin-Group standards so they are transferable to all European jurisdictions, and will be closely watching the rollout of any other national legislation that may require additional elements to be added to their common APIs.
AMPLIFY API Management has been an essential component in enabling LUXHUB to build their platform and is similar to how banks with multiple brands and individual companies need to be able to harness separate lines of business into a common API architecture. “We use the API gateway and the embedded analytics to create our own ecosystem of products, right out of the box,” said Pütz. However, to achieve some of the additional capabilities and secure connections with individual banks, Pütz says LUXHUB had to create additional components, but that this is part of their unique value proposition.
A new banking paradigm
The world of open banking continues to shift quickly. Incumbents that appeared to have lost the battle can change strategies and win back a place at the table. One example of that occurring is in the U.S., where PayPal’s peer-to-peer transfer payment structure looked like owning the market. Banks worked in a co-opetition model last year to reinvigorate Zelle, their peer-to-peer payments infrastructure. By October last year, Zelle (and the banks behind it) had reclaimed 83% of the market share.
Could LUXHUB be another example of banks working together to fight against tech giants ubiquity? Perhaps Luxembourg is one of the most unlikely places to start, although their story is already one of leapfrogging attitudes and traditional mindsets. In 2015, Luxembourg was the only EU country to vote against the introduction of PSD2 regulations. Now they are the first country to be creating a new collaborative model that aims to invite the rest of European banks to their open banking platform.
Creating higher-order ecosystems
Business researcher and analyst Simon Wardley describes this sort of industry sector commodification as a ”climactic pattern” that leads to the creation of “higher-order systems.” He gives the analogy of electricity. There may be multiple forms of electricity generation (coal, wind, solar), but they are all fed into a single connector, the electrical power outlet in the home. Because of this standardization, new products like televisions became possible. But it doesn’t stop there. Televisions make it possible to have whole broadcasting channels (and now online streaming services) that create programs for television viewing. There are also satellite services, VPNs, out of home displays — a myriad of new industry subsectors were generated now that each business does not have to create their own electrical outlet (or to even create a basic TV set for that matter).
By creating PSD2 open banking API standards, a higher-order system is enabled that will see payments catalyze a whole new ecosystem. And beyond that there will be new features and services built. Our imaginations, and the thinking within banks, is still very limited in terms of what this new higher-order system will look like. When televisions were first released, no one thought a subsector of mobile satellite repair businesses would be a future ecosystem player, or that there would be a whole creative industry emerge that specializes just in television commercial jingles and voice-overs.
In open banking, at least in Europe, we now have the electrical outlet: the PSD2 APIs. If we stick to this analogy, two things can happen. Banks can focus on building televisions. Or banks can become like the channels that have a diverse collection of programs that can be streamed onto a common television. If each bank builds their own televisions, that is still a limited play. They might differentiate on sound or visual display quality, or on size, but by and large TVs are mostly commoditized now as well. Where the true competition lies is in the programming (and related ecosystem) that is streamed onto the television.
LUXHUB, the new Luxembourg initiative, is focused on the second model.