The exploration of data sharing and open data in banking has contributed to the development of open banks in UK and EU. In China, a number of large domestic banks such as Bank of China, China Merchants Bank, Shanghai Pudong Development Bank have launched their own open platform. Sunline have a deep understanding in the development and business essence of open bank, taking the lead in building an open financial platform and enabling banks to grasp the opportunities of open banking.
Open banking is an integral part of the digital transformation path of commercial banks, emphasizing on customer-centricity, Open API, SDK to deepen partnership between bank and third party businesses through the integration of financial services and lifestyle scenarios to enhance optimal allocation of financial resources and services efficiency, achieving a win-win for both the bank and its partners. Open Banking Ecosystem uses Banking-as-a-service (BAAS) as a medium to connect bank and technology partners, enabling bank to leverage the innovative capabilities of partners for the provide lifestyle scenario services while partners can leverage the data from banks to provide customers with customized financial services that meet their needs.
The bank opening up its finances becomes inevitable
Banks’ operating system always siloed and the IT department of the banks often have to face lengthy timeline in project delivery hence product innovation to meet the constant demand changes of customers are also affected. With an open banking business model, banks can improve their services and provide better user experience.
The urgency of open banking in small and medium-sized banks is greater than large banks because:
The capital cost and customer acquisition cost of large banks are much lower than that of small and medium-sized banks. Large banks have strong financial strength and their competitive advantages will become more and more obvious.
Small and medium-sized banks are at a disadvantage in the competition with large banks but they can partner with third party vendors on scenarios they lack, allowing the banks to focus on financial services that they excel in, enhancing the overall competitiveness of banks.
Sunline Helps Banks Seize Opportunities with Open Banking Opportunities Through Leading Open API Technology
Sunline's is one of the pioneer in open banking has helped develop numerous mature and stable solutions for banks and financial institutions of different sizes. Sunline's financial open platform is a technology platform that implements data sharing around open API technology, providing security control, open portals, API lifecycle management, operation and maintenance monitoring, sandboxing, process orchestration as well as other functions designed to help banks enrich financial scenarios and enhance financial services. As of 2019, Sunline has implemented open platform for financial institutions such as Ping An Bank, Bank of Dongguan, Bank of Zhengzhou, Bank of Dalian, Jifu Group and others.
Advanced architecture enables banks to get more with less
Sunline’s Open Platform integrates financial capabilities with lifestyle scenarios and enhance financial capacity to the scene party through the open domain.
Scene domain: The partner uses open API to implement various user scenarios.
Open domain: Open domain includes the API (SDK tool) to provide user authorized access and API gateway (used for routing and forwarding, access control, etc.) to the scene domain.
Shared domain: Provides common services to open platforms and services through process orchestration.
Open portal: Provides an entrance for API display retrieval and provides a standard process for partner access.
Integrated operation management: Includes portal website management, access process management, operation monitoring management, API gateway management, etc.
Application domain: Back-end financial applications that provide financial services.
The core competence of The Open Platform of Evergreen Technology Finance
1. API Gateway as the core domain
The key technology of open banking is API and the key technology of open platform is API gateway. Open APIs can be divided into three categories which are open internal APIs, open APIs to partners and open external APIs. As the entry of these three types of API calls needs to go through the API gateway, it is most appropriate for the API gateway to carry out the access control and authentication of different APIs.
The core functions of the API gateway are:
Routing and forwarding.
Message conversion and parameter mapping.
Multi-protocol access to the gateway supports http(s), rpc, dubbo, webservice, tcp and protocol scalability.
API governance functions including parameter check, fuse degradation, limit flow, grayscale routing, concurrent control, time-out control, etc.
Security controls such as IP black-and-white list, SSL/TLS, JWT certification, OAuth2 certification, etc.
Gateways, as the entry point for traffic require transaction-level logs and link tracking, log management, and monitor alerts. The API gateway has evolved into a feature-rich, external component that can provide services independently.
2. Open portal and integrated transport for a complete access process
Although the core domain of the gateway is completed, the API services of the open platform can communicate and reach agreement with partners through offline methods, but there are many problems associated with offline communication.
For banks:
There is no platform for unified management and release of APIs because the entire lifecycle management of the API depends on manual offline services.
There is no unified platform for access partner management because the access process relies on offline communication.
There is no authentication process for APIs consumed by partners.
For partners:
Partners do not have a unified API search portal for the APIs opened by the bank.
There is no standard access procedure for APIs provided by consumers.
By opening the portal, partners can access the complete access procedures, API display and promotion, help documents, enterprise certification, sandbox experience, developer center, call monitoring and other functions.
3. Open service
Open services are public services provided by open platforms to business parties. These services are gradually evolved by banks during the opening process and play a very important role in the opening process of APIs. Existing open services include global pipeline services, billing services, authentication services, process orchestration services, etc.
Process orchestration services
Process orchestration service is a core capability of the open platform. It can quickly connect or combine services in the industry to meet changing scene-side requirements. The open platform can achieve capability reuse through process orchestration. Internal services are orchestrated and exported via API (internal orchestration can span all-row business systems), and external requests can call corresponding API interfaces after passing authorization authentication.
Take the opening of an account to activate a ball game as an example, through the process of orchestration services, the combination of the API interface of the digital account opening of the account center, the marketing center's marketing activity compliance inspection interface and the third-party API interface of the ticketing platform are the three services that jointly achieve account opening and delivery Scene of ball game tickets.
Through the process orchestration service and services can be combined. The necessary verification and data mapping are added to provide an external combined service to the scenario.
Billing services
Billing service is an essential part of the bank's implementation of API economy and the billing service can be billed according to the billing rules set by the bank, such as the number of calls implemented.
The gateway is the unified entrance for API calls and the API gateway pushes the call pipeline information to MQ.
The billing module pulls pipeline information from MQ and stores it in the database. The daily scheduled task counts the total number of calls on T-1 day according to the application and API dimensions and saves it into the library.
Certified Licensing Services
Banks’ financial services must be exposed on the public network and security must be considered. Here, the security of the entire transaction is guaranteed by means of authentication and authorization and signing and encryption.
Open platform docking microservices framework
Open platform uses a microservice architecture system. During the implementation process, if the open platform is to interface with many microservices, there will inevitably be problems that must be solved under the microservice architecture including service dependency management, service governance, full stack level monitoring, call link analysis, log management, etc.
In order to solve the problems inherent in the microservices framework, the open platform is connected to Sunline’s microservices framework platform to obtain a full range of operation monitoring at the application service level, including application and component monitoring alarms, log analysis, link tracking, application component as well as performance monitoring and analysis.
A future-proof open banking platform cannot be achieved without the guidance and regulation of supervision as well as the support and drive of cutting-edge technologies such as artificial intelligence, big data and cloud computing. In the exploration and practice of open banking, Sunline’s Open Banking team has accumulated rich experience and API usage scenarios and has continuously improve the technical framework of its financial open platform, verifying the advanced concepts and mature capabilities. Sunline’s Open Banking team will continue to strengthen technological innovation to help banks seize the development opportunities of open banks and promote the development of open banks in China.