APIs are one of the most talked about topics in the industry. They present a new way of working which can speed up development and increase the amount of features and applications available to new product development teams, as well as exposing services to
partners, and even in some cases competitors. I believe that APIs are going to be among the key trends which split the payments community between the true innovators and those too cumbersome to grow, who will increasingly lag behind and become extinct.
Two big challenges face those planning for the future with APIs. Will companies have the right mindset and culture to grow? If they do, will they have the right technology to launch applications and innovate more effectively than the competition?
APIs are not new. They have been used for many years to create defined integration points between applications. They have been at the heart of mobile payments, geo location applications and financial management tools for years. However, the idea of working
in an open ecosystem, where organisations can access technology which is ordinarily guarded behind a financial institution’s gated walls, is enough to leave risk managers reaching for the tranquillizers.
But this must occur to increase the rate of innovation.
The big development will be to make the defined integration points widely available. Internal teams can experiment with this, or braver companies can use developers from outside their own organisation. If the systems are open to anyone, then developers can
get their heads together to dream up new and so far unimaginable uses for the technology.
Those calm enough, and with sufficient vision to see the benefits, could be on the verge of a technological step change. Others will close this liberated approach down, fearful of what could happen, and the available opportunities will quickly reduce. Even
so, those prepared to jump in at the deep end will still encounter a huge problem.
APIs are superb, and allow you to add features you do not need to develop yourself. However this makes it difficult to develop a robust test, and if you don’t control the “test system” then you are going to hit your first problem.
It may be expensive to connect to the system, or the system owner may only make it available during certain hours. In addition, the system under test might only return behaviour that is out of your control. What do I mean by this? For example, you may wish
to test dropping a communication channel half way through a test. Increasingly, people do their banking on the train to and from work and tunnels tend to be signal proof! Or, you may look to identify test cases for a stolen credit card when the API insists
the card is OK.
This can throw up problems as the full end-to-end transaction might react differently in a situation you have not been able to assess. The result is that you will be going to market with a system that is only partially tested. Hope is not a test strategy
and, in essence, that’s the approach you will be taking if you don’t test accurately. And the expense of getting it wrong, and experiencing an outage on a new product, is huge. Equally, the need to quickly, and cohesively regression test your platform after
changes becomes even more of an imperative if you’re exposing your organisation’s assets to third parties.
The approach to testing has changed radically over the last few years but the vast majority of organisations remain stuck in a process which causes them delays, and results in launches with systems riddled with problems. The way around this is by using ‘virtualisation’,
allowing you to replicate an end-to-end test of all the points in the transaction.
Virtualisation not only lets you test in isolation from the API provider, but allows you to orchestrate calls to multiple APIs entirely under your own control. You can more easily perform negative tests that the API may not easily allow, make the connection
available to all members of your test team 24/7 and allowing access at zero cost. In short, it liberates you from many of the constraints, but more importantly it reduces cost and risk.
Through the use of virtualisation, you can take back control of API testing, modify the API in order to prototype, and massively scale the tests for stress and performance analysis. With virtual models and 24 hour availability you can schedule complex regression
tests that run automatically regardless of how insignificant a change is made. And this is anywhere in the transaction lifecycle. When switch/migrations occur between APIs or an API release, virtualisation allows multiple “versions” to be tested in any combination,
which removes the usual risks for the migration.
The industry is at a crossroads
With over 25 years of payment testing, we have been at the forefront of building, implementing and supporting payment innovation, and I think that now is one of the most exciting times in the industry. I’m hopeful that if decision makers can get over the
anxiety of opening the doors, then we’ll have the right environment to innovate more quickly than ever before.