The API days London event concluded today (September 24th, 2015) with another great set of speakers.
The day began with a pleasant surprise: a shoutout from the organisers for my roundup for the first day! Thanks guys.
Anthemis’ Yann Ranchere’s keynote reiterated the importance of banking as a platform:
- “Web scrapers” already used by lots of coders to get data out of banks that don’t offer real APIs
- Be ambitious: make read/write APIs!
- Building a service that can replace somebody’s main bank account is tough to do with a “transactional licence” rather than a full “bank licence”
- Tension of being a platform: should you lock it down (like Twitter), or open it right up?
- Needs a fine balance but banks must support innovation outside their own walls
Ronnie Mitra gave a terrific, thoughtful keynote (“A Fine Balance”) with excellently composed slides:
- Standardisation increases compatibility, safety, and repeatability
- Can hinder innovation but provides a stable foundation for experimentation in other areas
- UX (web sites, mobile apps) is often now owned by the “capability provider” (banks)
- Banking as a platform means the UX can be owned by many other players
- Not ideal for market leaders but good for consumers and the market
- So what are the options for capability providers?
- Make a platform, and also compete on UX (tough to achieve)
- Make the UX providers your new customers
- Become an infrastructure business
- Focus on providing innovative features to UX providers
- “If we wait for regulation before acting, we may not end up with the solution we want”
Apiary’s Emmanuel Paraskakis nicely summarised the evolution of how people build APIs:
- Originally a byproduct of building apps
- Then documentation was generated from code
- Now design-first is the trend
- Next it is important to ensure API consistency across disparate groups of developers within the same organisations
Smartbear’s Paul Bruce thinks DevOps and Fintech can learn from one another:
- DevOps relies on very quick iteration
- Design, develop, test, orchestrate, deploy in one week sprints
- Good, Fast, Cheap (pick two)
- Fintech cannot play by these rules; need all three
- “Just ship it” is not good enough for Fintech where customer confidence is key
APIGEE’s Jeremy Brown reminds us that the point of APIs is abstraction and we need to think from the outside in:
- Don’t just take your SOA/WSDL/data model and put REST in front of it
- Think of the user and hide the complexity of the backend systems
- 2-speed IT important in this industry
- Keep existing banking core stable and slow-moving
- Build new services on top quickly
- Keep your rare-breed Cobol guys happy!
- How does a 100+ year old company become a platform business?
- Secret weapon to compete with challengers: lots of data
- Enables functional, load, and security testing, as well as API virtualisation and monitoring
- Paul noted we should monitor both APIs and web sites so we can localise problems
- Many people in the room said they were using the open source Swagger API descriptor format
- Standard API that banks can implement to expose their data
- Written in Scala and adopts OAuth 1.0
- Licensed under the free and open source AGPL or you can purchase a commercial licence
Braintree’s Joe Nash convincingly argued for tokenisation in a rapid and interesting set:
- Immersion is key
- Games are immersive
- E-commerce experiences are not
- Immersion is fragile
- Don’t make me fill in forms: shut up and take my money!
- Convert real payment details to a meaningless token
- Generic: can work with any payment method
- Allows devices to remember you across different shops/services and pay with single clicks
Augusto Marietti, CEO of Mashape, handed out ammunition for convincing management to move to microservices:
- Industrial revolution
- From bespoke to assembly lines
- Software developers
- From jack-of-all trades to specialists
- From monolithic to microservices
- The main reason for microservices is so some parts can go down without taking down everything
- The “modern architecture”:
- Kong: a layer for common activities like rate limiting, authentication, etc.
- Unique business logic is in separate microservices behind Kong
Louison Dumont gave a lightning talk on the basics of Bitcoin, noting that “people are paid to verify the integrity of the ledger”.
The organisers did a great job putting the conference together, and getting a lot of interesting speakers and attendees under the same roof for two days. Thanks to everybody who participated!
The takeaway themes for me were:
- Challenger banks are already snapping at the heels of more established banks
- Banks will be compelled to provide full platform APIs, but the “pivot” beyond that is uncertain
- Banks of the future will be better for consumers
- 2-speed (or even 3-speed) IT is necessary to make progress in this industry
- RESTful microservices are in, SOA is out
- Docker is awesome
- API testing is important, but integration testing is heavily favoured over acceptance testing
One final highlight of the event was the great sketched notes from Jacqueline Adriano. Take a look!