This Fortune 500 company offers a broad range of financial products and services to consumers, small businesses, and commercial clients. The bank wanted to create better end customer experiences with a suite of tools and technology to simplify their daily lives with services to help them manage money, credit, and identity, amongst other essential things.
The bank built an API Platform with a Developer Portal to expose these tools and technologies to developers who can easily use them in their products. The API Platform and Developer Portal publish a set of externally-facing APIs that provide valuable capabilities App developers can embed into applications to help streamline their users’ lives. These include:
The bank will continue to extend the range of APIs to meet the fast growing needs of its developer community.
The APIs the bank is publishing through the Gateway and Portal must be secure, reliable, and easy to find and consume, and must also be able to sustain the level of traffic generated by popular Apps used by millions of customers.
There are two integrated components in the bank’s API management platform:
Most of the APIs the bank publishes need to be delivered securely, both in terms of the infrastructure hosting the API, and the API interface itself. The API Management solutions protects the bank’s applications from external threats while providing state of the art API security. The Gateway offers comprehensive protection against OWASP top ten threats including Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Injection, Session Management, and more. It also provides antivirus scanning and strong cryptographic protection.
A couple of examples of the security features the bank implements are:
The bank needs to ensure that its APIs perform extremely well to keep customers happy, scale to support the needs of a rapidly growing user base, and are distributed globally to provide local access to minimize network latency for global users. To this end the API management solution provides:
A critical part of any API platform is the ability to provide developers with a self-service platform they can use to find and easily consume APIs. The bank’s API Management platform provides:
The bank purchased Akana as the foundation of its API Platform and Developer Portal to provide a high-performance, reliable platform for:
This particular customer chose a perpetual license model, deploying the products into its own Amazon VPC instances, using Akana’s Docker image with Amazon EC2 Container Server. This closely models the deployment Akana uses in its own SaaS platform. By following this deployment pattern the bank ensures seamless scaling as needed, and maintains compliance with its own internal security policies.
The bank selected the Akana platform over other vendors for several reasons. It offered the best performance, scale, and richness of features and functionality. The Akana platform also successfully combined with the bank’s required deployment automation capabilities.
The bank’s platform is in production handling live traffic. The bank continues to roll out more APIs and has planned a rich roadmap of new services.