In 2014, a large bank performed an internal assessment to project necessary infrastructure changes. The team’s challenge was to anticipate current and future market trends and opportunities. The bank’s resources focused on revenue strategy and tactical development to roll out profitable, new initiatives. Energy was directed into exploring successful channels for its core competencies. This action lead to creating a successful and profitable next generation digital payments platform for the strongest areas of the bank: Business and Retail Banking as well as Wealth Management.
The bank built a platform to publish APIs for:
The bank selected the on-premises deployment of the Akana API management platform to build out the digital payments platform. The bank leveraged the following capabilities of the Akana platform to support their objectives:
With the movement to an API-driven architecture the bank quickly realized they needed to establish a standardized way to design, create, and document the APIs. They needed a way to manage the portfolio and lifecycle of the APIs to ensure they were building the right APIs, at the right time, in the right way according to their regulatory standards and they could easily locate them. They also need to ensure that the governance processes they put in place didn’t impede their agile development processes.
The bank leverages the Akana platform's API lifecycle management capabilities to establish and enforce standards and to automate their development processes by hooking into their agile tools such as Jenkins.
Most of the APIs the bank publishes need to be delivered securely, both in terms of the infrastructure hosting the API, and the API interface itself. The API management solution protects the bank’s applications from external threats while providing state of the art API security. The Gateway offers comprehensive protection against OWASP top ten threats including Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Injection, Session Management, and more. It also provides antivirus scanning and strong cryptographic protection.
A couple of examples of the security features the bank implements are:
Working with payment data requires the bank to establish a PCI compliant infrastructure. The Akana platform has been through several PCI compliant certification at customer location on-premises and in our own hosted cloud offering.
The bank has several IBM WebSphere® DataPower appliances that needed to be easily managed. The bank leverages the Akana platform IBM WebSphere® DataPower to automate the administration of APIs and services across several IBM DataPower appliances simplifying the administration, reducing the operational costs, and reducing the risk of failures during API rollout. Without the Akana platform, the deployment of and changes to an API had to be configured manually on each IBM DataPower appliance which would introduce errors.
The bank additionally leverages the following Akana API gateway features:
Visibility of services and APIs across many IBM DataPower appliances proved to be very challenging for the bank. The Akana platform allow the bank to have complete visibility of their APIs and services across their IBM DataPower appliances giving them API analytics on operational, consumer, and business metrics that they never had before.
Automating new channel on-boarding to the digital payments platform is key to the banks future success. A critical part of any API platform is the ability to provide developers with a self-service platform they can use to find and easily consume APIs. The bank’s API management platform provides an API portal for:
The Akana platform is the only platform in the industry providing complete portfolio and lifecycle management capabilities. As a bank moves to an API-driven architecture, it needs the ability to manage the portfolio of APIs and have auditability and traceability of those APIs throughout the lifecycle.
The Akana platform is the only platform in the industry, which supports both an industry-leading software-based API Gateway and the IBM DataPower appliance, with matching policy driven capabilities. The bank chose the Akana platform because of its ability to have a scalable software API gateway on premises or in the cloud. The bank chose the successful Akana platform because of its ability to easily manage and control APIs within regulatory guidelines, on IBM DataPower appliances.
The bank required that the API platform vendor had extensive knowledge in establishing a PCI certified environment so they chose the Akana platform because of its hardened PCI DSS v3.1 and status as a Level 2 certified service provider.
The bank has successfully completed the creation of a secure PCI environment by implementing a tokenization strategy. It has eliminated fifty applications on all PCI-compliant scope platforms. The token service is managed by the Akana platform. The bank has been able to successfully automate the onboarding of new transaction processing channels. Most recently, it has enabled Apple Pay and was able to seamlessly add it in a matter of hours instead of months.
The bank is rolling out lifecycle governance for its services and API strategies. Once the process has been established, lifecycle management capabilities will be configured in the Akana platform. DevOps automation and auditing of the APIs and Services will be provided throughout the full lifecycle.