Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Transforming the future of digital banking with APIs and DataSecOps
Journal of Digital Banking,
6
(3),
270-276
(2021)
Abstract
Digital banking involves high levels of process automation and web-based services and may include application programming interfaces (APIs) enabling crossinstitutional service composition to deliver banking products and provide transactions. It enables users to have access to their financial data via their digital devices. APIs represent as great a threat and an opportunity to banks today as the advent of the digital era once did, opening the market to greater competition around customer loyalty and engagement. Banks should not consider these APIs as simply technical interfaces that expose data to third parties but rather as radical enablers of new and attractive customer experiences. APIs are already commonplace across many industry sectors, where they are, in fact, viewed as customer products. Banks will have to follow suit in order to remain competitive. In brief, APIs are the nucleus of digital transformation. Around 84.5 per cent of those working on digital transformation initiatives state that APIs are playing a significant role in those initiatives.1 Given the risk of API-first architecture, these numbers are expected to continue to grow. There are risks, however, that companies face as a result of the increased reliance on APIs as the main driver of digital banking. Seventy one per cent of software engineers surveyed considered ‘security’ the most important factor to consider before integration with an API, which was tied for the top concern.2 While software engineers are aware of this risk, there is a need to address it not only at a technology level, but at a risk and business level as well. In order to address these risks, the concept of Data Security Operations, or ‘DataSecOps’, has arisen. DataSecOps is a discipline that empowers software engineers, data scientists, governance risk and control, cybersecurity & operations teams to work together in a single application for safer and easier access, analysis, delivery and governance of data.3 DataSecOps principles will become a critical component in addressing the security issues related to digital banking.
Keywords: API; digital era; security; DataSecOps; financial services; privacy; identity and access management
The full article is available to subscribers to the journal.
Author's Biography
Peter Lancos is the CEO and Co-Founder of eXate, which provides a universal way to manage data privacy, accelerating access to sensitive data, automating enforcement of data policies and providing a secure platform for compliant data delivery globally. Before co-founding eXate in 2015, Peter worked in a variety of senior positions at HSBC, including those of Chief Operating Officer for EMEA Markets and the Chief of Staff for Corporate and Institutional Digital. Peter has 30 years of banking experience, primarily in the markets business. He is published as part of the RegTech Book, as well as in several technical journals.
