The world is becoming an increasingly interconnected ecosystem. What powers this connectivity? Application Program Interfaces (APIs) are behind the scenes, serving as the engine that makes all of this interactivity possible.
APIs have been around forever; programmers have always invested in accessing and reusing code for efficiency in software development. However, generational changes that deliver new standards and technologies require us to examine heritage systems, as they may not be suitable for what is happening today. For instance, the digital economy involves moving from a batch paradigm to an on demand or real time paradigm and APIs enable us to make this transition.
How can your enterprise tap the power of APIs to participate in this modern digital business world? Industry experts shared their perspectives with a group of technology executives at BNY Mellon’s recent Technology Leadership Forum.
How Are APIs Used?
APIs are multidimensional. They empower an enterprise to connect and interact with outside world including partners, the government, regulators and others. They can also create an internal economy within an enterprise, connecting groups inside. The point of an API program is to present interfaces in a very standard way so that the learning curve goes down as you move from one API to the next. Representational State Transfer, or REST, is the architecture standard for designing network applications so that we can connect servers and share data.
Publishers of APIs design interfaces and create a program and a culture that enable programmers to access, consume and reuse them as they architect products and services, thus achieving efficiencies in software engineering. BNY Mellon is investing significantly in harvesting and publishing APIs from our heritage systems, creating a curated collection of microservices packaged as APIs so our clients can take advantage of these efficiencies.
Close collaboration with clients is necessary in order to better understand their data needs and design and manage API products that deliver maximum value. According to Sanjiva Weerawarana, Chief Executive Officer of WS02, an open source software company that enables enterprises to build, integrate, secure and analyze APIs, “The key thing to understand is that an API is a product and you need to have product management principles and practices in place. How are people using the product? What are their future needs? APIs are your entry level product in the digital economy; then you build new services, experiences and value on top those APIs.”
What Are the Benefits of APIs in a Digital Economy?
According to Weerawarana, internal reuse and digital transformation are two reasons to embrace APIs. In companies or ecosystems with large numbers of programmers, it is advantageous to create a store or marketplace where people who wish to build a digital product can go to discover and access capabilities that have already been written and reuse them to significantly cut development time and increase efficiency.
In terms of digital transformation, “APIs are often the enabler for a digital product,” Weerawarana said. “It is very important to create the atoms and molecules of the business so that you can create new compounds and put them out as the market and the world changes. The environment in which you expose digital capabilities to your clients is going to change significantly, essentially forever. Creating the digital business internally so that it can be reshaped or recomposed into what we’ll need in the next generation is absolutely critical. That is what APIs enable you to do. If you look at Google, Facebook and Uber, they are all powered by a set of APIs underneath to create awesome client experiences.”
Are There Challenges Associated With APIs?
A key hurdle in API adoption is finding ways to demystify them. Hackathons are an excellent opportunity to introduce people to APIs and increase their comfort level with this product. “It’s ok to use someone else’s stuff,” said Weerawarana. “Uber will not work if Google Maps goes down. Uber is a massive revenue business running essentially on APIs offered by third parties.”
A second challenge is to ensure that publishers create APIs that are highly reusable, which requires an investment in terms of time and money. Randy Solton, Principal Architect at BNY Mellon says, “If you only wrap up what you have done in the same way you have always done it, then you won’t actually increase the potential audience of those who can consume your APIs. In the quest to quickly launch APIs, people have a tendency to just put a very thin veneer around existing services and without considering the value.”
Analytics help publishers understand what API consumers are doing with their products so that they can evolve them in an iterative way. From the publisher’s point of view, analytics should highlight what developers are doing and usage trends in order to shape strategy. For instance, where should you invest more? Can you combine APIs that are used in conjunction regularly? Analytics support the minimum viable product concept, allowing publishers and developers to initially offer something simple and prototypical and then, based on which APIs get traction, they can evolve or retire products.
“When you make things to use and share, sharing comes at a burden,” according to Weerawarana. “With sharing comes responsibility. You become responsible not only for your own group, but also all of the others out in the world who are using your APIs.” This requires a culture shift that encourages individuals to consider the broad-based impact of creating APIs that other people want to use – both internally and externally.
Are APIs Safe and Secure?
In the past, there was a local mindset for developing code and the code itself was only accessible on a need-to-know basis. According to Solton, “APIs are shifting this mindset to follow a more open source model with transparency. People can see what you’ve done, collaborate and convince themselves that what you have is safe and secure. Now that we have a network model to share services we can factor common services out of our heritage systems and wrap them as RESTful APIs. In doing so, we need to achieve a new level of trust. We have to believe that others will not break our services and clients need to feel our products are secure.”
“The underlying technology behind APIs is as safe as other access and authorization control systems right now. It does require setup, development, management, monitoring and auditing in order to run a secure API system. But that is not unlike running any other security system, like your website,” according to Weerawarana.
BNY Mellon is the corporate brand of The Bank of New York Mellon Corporation and may also be used as a generic term to reference the Corporation as a whole or its various subsidiaries generally. Products and services may be provided under various brand names and in various countries by subsidiaries, affiliates, and joint ventures of The Bank of New York Mellon Corporation where authorized and regulated as required within each jurisdiction, and may include The Bank of New York Mellon, at 225 Liberty St, NY, NY USA, 10286, a banking corporation organized and existing pursuant to the laws of the State of New York (member of FDIC) and operating in England through its branch at One Canada Square, London E14 5AL, England. Registered in England and Wales with numbers FC005522 and BR000818. The Bank of New York Mellon is supervised and regulated in the United States by the New York State Department of Financial Services and the United States Federal Reserve and authorised in the UK by the Prudential Regulation Authority. The Bank of New York Mellon London branch is subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of regulation by the Prudential Regulation Authority are available from us upon request. Not all products and services are offered at all locations.
© 2017 The Bank of New York Mellon Corporation. All rights reserved.