Blog

Top Banking APIs Enabling Access to Aggregated, Rich Financial Data

Post by:
Prove
October 27, 2016
Top Banking APIs Enabling Access to Aggregated, Rich Financial Data

Banking APIs constitute the core of innovative approaches to building financial products. Enabling access to data for all relevant participants of the market creates an opportunity to create superior offerings as well as for consumers to make better choices about financial products.

As the Competition and Markets Authority states in the report on retail banking, APIs make life simpler for millions by enabling us to share information. They are the hidden technological drivers behind digital applications such as Uber, Google Maps, and Facebook.

A host of banking API providers has expanded opportunities for entrepreneurs to build solutions for different segments of the financial services industry:

  • Payments gateways API providers (Braintree, Dwolla, Stripe, Wirecard, Adyen, etc.)
  • Trading APIs (Xignite, Zerodha, etc.)
  • Remittance APIs (Uphold, PayCommerce, etc.)
  • Data aggregation APIs (Kontomatik, Fidor, Figo, etc.)

Financial data aggregators are some of the most interesting elements of the financial API ecosystem as they drive valuable insights into customers’ financial behavior and enable a data-driven approach to creating financial products. Financial data aggregators also comprise the basis of a responsible approach to personal finance management and are in the foundation of consumer-empowering products.

Over the past several years, FinTech innovators have been enriching the banking API list with exquisite examples of advanced solutions aimed to empower financial institutions and customers. In fact, the concept of the Open API approach became one of the centerpieces of innovation in the financial services industry largely because of the companies we will be speaking of further.

Banking APIs are known to enable banking customers—through a single application—to manage accounts held with several providers. They also allow customers to authorize the movement of funds between current and deposit accounts to help avoid overdraft charges or to benefit from higher interest payments. They let customers make simple, safe, and reliable price and service quality comparisons tailored to their own usage patterns.

For businesses/institutions, banking APIs allow to monitor a current account and forecast a customer’s cash flow. Using businesses’ transaction history, API providers allow a potential lender to reliably assess a business’s creditworthiness and offer better lending deals than they would without this information.

Leading providers of data aggregation APIs

 

Kontomatik API

Kontomatik offers a read-only API for financial institutions, enabling them to import personal data, account balances, and full statements from any supported bank to their system. To do that, Kontomatik uses end-user bank credentials (a bank login and password). The solution ensures top-notch security as Kontomatik servers store very little data. Bank passwords are never stored, and financial data is removed ASAP (financial data is removed from Kontomatik servers in a 24-hour moving window. API clients, however, can force data removal at any time). Kontomatik API requires 2FA based on an API key and IP whitelist.

Kontomatik supports all major banks in ten countries on three continents and is ready to develop APIs for other countries upon request. Kontomatik supports the accessing of personal data of the account owners, current and saving accounts, and transaction history from those accounts.

Under the hood, Kontomatik mimics a human using a web browser. By using the very same protocol as a web browser, Kontomatik can potentially support any bank worldwide in a permissionless way. Kontomatik does not need agreements with all the supported banks as it exemplifies permissionless innovation. Kontomatik natively supports hardware tokens, SMS codes, mobile-application-generated one-time passwords, CAPTCHA pictures, anti-phishing pictures, and other types of user authentication.

Kontomatik is known for speed among competing solutions because the company does not run a farm of headless browsers and does not run any JavaScript as well as not download any assets. Kontomatik reverse engineers how HTTP requests are put together and then recreates them directly in Java with no overhead.

Among the banks supported by Kontomatik technology in various countries are Deutsche Bank, mBank, Raiffeisen Bank, Santander, Citibank, HSBC, BBVA, Scotiabank, Alpha Bank, Lloyds, Barclays, etc. Kontomatik is the fastest-growing banking API provider and has been distinguished by BBVA among the three most interesting examples in the data aggregation APIs segment. Next to this, Kontomatik has been defined as one of the five most useful APIs in the financial world by the Huffington Post.

Xignite

Xignite’s APIs are used by over 40 startups with the clientele, including companies such as Betterment, Wealthfront, Personal Capital, Yodlee, Oracle, SAS, Sungard, Charles Schwab, Navy Federal Credit Union, TD Ameritrade, Brinks, GE, and Starbucks.

 

A particular API of the company called the ‘FactSet Fundamentals’ is one of the first REST-based APIs to provide accurate and trusted historical financials, fundamentals, earnings, and more across more than 170 global exchanges. FactSet Fundamentals joins more than 40 other APIs for financial services in Xignite’s API library. APIs from Xignite provide back-end data integration, powering a lot of financial service ventures.

 

Plaid

Plaid gives developers the tools to integrate with bank infrastructure and the ability to access and authorize user bank accounts. Plaid offers two primary products through its APIs that allow users and developers to effortlessly interact with financial institutions: Plaid ACH Auth and Plaid Connect.

Plaid Connect allows developers to dig into the narrative by collecting transactional data from credit, debit, checking, savings, and more accounts in a clean, usable format. It intelligently matches the merchant name, category, location, and address of each purchase.

Fidor Bank

Fidor Bank, the Germany-based bank offers a standardized set of RESTful APIs and management systems handled with OAuth for authentication. With Fidor, each user can receive a specific customer ID and associated bank account. Deploying the Fidor API, requests can be made for third-party payments or transfers. Single transactions, as well as batch transfers or direct debit withdrawals, can be made using a single API-driven procedure. Web-based requests can be made to retrieve user information such as ID & customer email. The API enables developers to access general account management features.

Fidor combines a full banking license with its own technology and Open Banking APIs. The fidorOS has been designed to work with an existing core banking system and is expandable beyond traditional banking services. The banking platform is a middleware that provides support for social trading and lending, virtual currencies, and emergency loans without being tied to any legacy code.

Figo

Figo Connect API allows easy access to bank accounts, including transaction history and submitting payments. Bank accounts are the central domain object of this API and the main anchor point for many of the other resources. This API considers not only classical bank accounts as accounts but also alternative banking services, e.g., credit cards or PayPal. The API does not distinguish between these two in most cases.

Figo Connect is a completely RESTful API and aims to follow as many best practices as possible. The API and its online tools are only available via HTTPS. In addition, its SDKs employ certificate pinning to validate the certificate of the API server to extend beyond the SSL trust chain.

Yodlee

Yodlee Interactive, a division of Yodlee, builds APIs to help customers bring innovative FinApps to market more quickly using rich consumer transactional data. It primarily offers the following two APIs: Instant Account Verification API and Aggregation API, which enables developers to get access to randomized and securitized bank data through the ability to aggregate accounts, whether it’s an investment account, a bank account, a credit card account, a rewards account, an insurance account or some other account.

Besides the above two, the company has launched an Enterprise API, custom-built and co-branded for individual financial institutions. Yodlee’s API also allows geolocation information to be added to financial data. Yodlee developers launched a new set of restful APIs called FastLink that helps a user link multiple bank accounts and cards in one place with an easy drag and drop feature at the back-end.

Pich

Pich is a banking and financial data provider. The company organizes, collects, and aggregates this data for businesses and developers so that they can use it in their services. With the help of Pich’s API, the user can quickly integrate into the banking infrastructure and benefit from the reliable data of these financial institutions.

Pick Link API allows aggregating user-mandated data from accounts across multiple financial institutions. The Pich API provides businesses and developers with reliable, clean, and enriched transaction data in a machine-readable format. Pich maintains a dormant connection that becomes active the next time the user accesses the application, providing them with the most up-to-date information associated with the account.

Instantor

Instantor provides online identification and financial data reports based on real-time technology, giving insight into customer’s financial situation (i.e., salary level, spending habits, payday loans, other credits, and gambling, etc.) over the last 12 months. This is done through a connection to the bank in which the customer is a client.

Open Bank Project

Open Bank Project is an open-source API and app store for banks that empower financial institutions to securely and rapidly enhance their digital offerings using an ecosystem of third-party applications and services.

The Open Bank Project offers an easy-to-use RESTful JSON API that can be connected in minutes to enable integration of bank account information via REST API and the use of secure authentication via OAuth implementation. The Open Bank Project exposes transaction data in a simple and consistent structure by abstracting away the peculiarities of each banking system. This is achieved by connectors that interface between the OBP API and each core banking system. This enables application developers to write an app once and use it for many banks.

The Open Bank Project API supports transparency services via multiple configurable views on transaction data so that, for instance, the public may see most details of an NGO’s transactions while still preserving privacy where required. It also supports transaction data enrichment: comments, tags, and images may be added to transactions by authorized users, creating a dialogue around the data.

Spectre API by Salt Edge

Salt Edge provides account data aggregation, automatic categorization, customer-oriented money management, screen scraping software, omnichannel banking solutions with client analysis and targeted marketing.

Spectre API by Salt Edge is designed both for startups and innovative enterprises who need permission-based access and bank-level security to access their customers’ multiple account types, including checking, savings, credit cards, e-wallets, money-market accounts, prepaid cards, investments, insurance, loans, and mortgages.

This list of banking API providers offering data aggregation tools is certainly not exhaustive, but it does outline some of the most influential players.


Create secure frictionless customer experiences using modern identity solutions

Join 1,000+ companies and 500 banks, including 9 of the top 10 US financial institutions, that are already using Prove to accelerate revenue, mitigate fraud, and enhance customer experience. Contact us today.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

Create frictionless customer experiences

Get in touch to find out how we can help you identify your customers at every stage of their journey and offer them seamless and secure experiences.

Schedule a demo

Let our expert team guide you through our identity verification and authentication solutions. Select a date and time that works for you.

Schedule a demo

Find out how we can help you deliver seamless and secure customer experiences that comply with PSD2/SCA. Select a date and time that works for you.