Raidiam Chief Technology Officer and Founding Partner, OBIE Security Architect
APIs Are Enablers: How the OpenID Financial-grade API (FAPI) is Driving Open Banking
Providing standards-based APIs for enabling access to financial data puts end-users in control of their financial data by letting them use the financial applications of their choosing to access and organize their financial lives. In 2017, the OpenID Foundation’s Financial-grade API (FAPI) working group published specifications enabling high-security API access, suitable for accessing financial data and facilitating financial transactions.
In 2018, the UK Open Banking Implementation Entity adopted the FAPI specifications and their certification test suite as part of their Open Banking platform. In 2019, FAPI-based Open Banking APIs are in production use. The impact and importance of the FAPI work is hard to overstate. It’s a lynchpin enabling entrenched and start-up financial services players to build products, platforms and services that can interoperate with the Payment Services Directive Two (PSD2).
But most importantly, it gives end-users more control and security in their financial interactions, while also assuring their privacy in conformance with GDPR. Since FAPI was following OpenID Connect’s path to global adoption, it was time to bring the benefits of certification to those deployments. Like the existing certification program for OpenID Connect implementations, the FAPI certification program is lightweight, low-cost, and designed to ensure that high-quality FAPI implementations become the norm in the marketplace. Providing open access to financial data under user control opens up a world of possibilities.