Published in December 2015
by Carnegie Mellon University — Heinz College

Executive Summary

In Financial industry, many API are released from bank and IT vendors by improving information technology. Especially, mobile application accelerates promulgation of financial API. At the same time, spreading financial API brings increased information security risk such as leaking bank account information due to lack of financial API standards. In this situation, BIAN and CMU are trying to create API guideline by utilizing SOA based BIAN standard, BIAN Service Landscape in this project. The project team determine API as API contents design, such as what information exchanging in the API. The API classification guideline describes API classification type and classification procedure for each banking business process.

Regarding API classification type, the guideline categorizes the banking businesses process from two angles that are a data type of the business information and a communication type with the other process. First, data type, the guideline uses three Tiers approach that focus on the data structure of each information. Tier 1 (Detailed) is all information of the process are structured data. Tier 2 (Mixed) contains both data types that are structured data and unstructured data, in the process. Tier 3 (Generic) is the other end of Tier 1 that all information are unstructured data. Second, communication type, the type also has three groups, “Machine to Machine (MtoM)”, “Machine to Person (MtoP) / Person to Machine (PtoM)”, and “Person to Person (PtoP)”. The communication type looks at the interaction between two banking business processes.

API classification procedure is determined through CMU team business scenario exercise. They conducted the exercise for 5 business scenarios that contained payment transaction business and loan origination business. This 5 business scenario covers 23 business process; the process is called Service Operation in BIAN Service Landscape. Each Service Operation contains data items, and CMU team evaluated the data to classify Service Operation into each data type and communication type. By iterating the business scenario exercise, CMU team standardize the evaluation process into API classification procedure to expand the study for the other business scenarios.

After analyzing the result of the business exercise, CMU team conclude that API should standardize for each Service Operation. Also, there is relevancy among data types and communication types by classifying Service Operation. Classification of Service Operation converges with three groups, “Tier 1 — MtoM”, “Tier 2- MtoP / PtoM”, and “Tier 3 — PtoP”. Also, they recognized this tendency might change by improving text analytic capability. CMU team experienced iteration of business scenario exercise brings new finding in the project.