Endava Labs develops proofs of concept and demos for clients, currently exploring innovations in identity management and APIs for financial services. Identity management could be improved through government-verified digital identities that are recognized internationally. APIs allow systems like banks to communicate, and identity plus APIs may enable global digital banking where customers can access accounts in different countries and currencies. This could change how banking is regulated and open opportunities for new "financial services apps" that automate money management.
1. QUALITY. PRODUCTIVITY. INNOVATION. endava.com
Innovation in Mobile Payments
Innovation is one of the three core tenets at Endava. One of the ways we keep innovating is
through Endava Labs, our sandbox approach to building proofs of concept and demos for
large clients including retail banks, insurance and payments companies. Currently we are
looking at a few innovations in the areas of Identity Management and APIs in financial
services that could change your business immeasurably...
Identity
Let’s start with identity. The Internet is still rubbish
when it comes to identity.
In the real world we have driving licences, passports,
signatures and PIN numbers to prove who we are.
These are all forms of identification trusted by
governments, financial institutions and businesses.
When combined, we have what we call two-factor
authentication. But on the Internet, we still don’t have
any authenticated identity. You can create an account
on a website, but that doesn’t prove you are who you
say you are.
Businesses transact using SSL certificates to prove they
are who they say they are, but sometimes those
businesses or other individuals need to know
consumers, are who they say they are. Take AirBNB for
example. You don’t want to rent a room from a
convicted axe murderer, and you don’t want to rent a
room to an axe murder either – you need to trust the
tenant or the home owner. But if you have a great
eBay rating, you still have to start from scratch again
when you create an AirBNB account, why? because no
one trusts anyone else’s digital identity assurance.
2. QUALITY. PRODUCTIVITY. INNOVATION. endava.com
Then we have Facebook Connect – where a user
registers or logs into any website using their Facebook
credentials, unsurprisingly that isn’t trusted - yet.
Endava conducted some consumer research, and right
now, even the under 30s don’t want to log into their
bank accounts with their Facebook credentials.
This is going to change over time, once we get so
utterly sick and tired of usernames and passwords, and
of course, organisations’ inability to keep them secure.
Clearly Facebook Connect isn’t the answer at the
moment either.
Perhaps surprisingly, the answer is likely to come from
the government. The UK government is working on an
identity assurance platform to solve some of the
problems highlighted here. Bookmakers for example
will be able to check with the government whether this
person trying to log into my site really is over 18. As a
car insurer, you’ll be able to check whether this person
applying for car insurance really has a clean driving
licence.
The government Identity Assurance scheme will enable
UK citizens to have their identity physically confirmed
by a number of third-party agencies, such as the Post
Office (which already performs some of these functions
for hard copy government forms).
This all sounds great, and could be a game changer. But
the icing on the cake, and half the cake itself, is that the
UK government has already started working with other
governments to ensure its identity assurance scheme is
recognised internationally, we’ll return to this theme
later on in this paper.
3. QUALITY. PRODUCTIVITY. INNOVATION. endava.com
APIs
The second concept, of APIs, is also well underway.
APIs are the interfaces which enable systems to talk to
each other. Banks have been building APIs into their
systems for the last couple of years, mainly so that they
can release mobile apps, which interact with the bank
through these APIs. Some banks’ APIs are more
developed than others, but as mobile apps become
more comprehensive, so will all the banks’ APIs.
APIs have finally provided the much-needed interface
into the dark areas of the bank’s mainframes. For
decades, mainframes have been the primary reason
banks have been inflexible and resistant to change. But
APIs abstract this complexity and provide the much-
needed flexibility.
Identity + APIs =
New opportunities
So once we have an international identity assurance
scheme and APIs in banks, consumers will have the
flexibility to do banking globally. Just as you can buy
something from Amazon in Italy, Alibaba in China or
John Lewis here in the UK, consumer banking could
become global too. But aren’t regulators going to have
to quickly catch up, because soon it’s going to be quite
straightforward to open a current account in your local
currency, a mortgage where interest rates are really
low, such as Japan (where they are 0.1%), and a savings
account where interest rates are high, such as Brazil (at
11%).
We’ll want to spread our risk with our savings because
we won’t get the Financial Services Compensation
Scheme – where the UK government will cover my
savings up to £85K. So we’ll spread savings across Brazil
(11%), Turkey (9.5%), India (8%) and Indonesia (7.5%) –
you get the point.
There is an irony here of course. What’s the prefix to
almost every website you visit on the Internet? It’s
“www” of course. And what does www stand for? The
World Wide Web. The WORLD WIDE Web was founded
roughly 25 years ago – it’s taken that long, (plus
another 3-5 years) to really digitally revolutionise
banking.
Also half the big UK banks replace the www prefix with
their own prefix (names like online, onlinebanking and
ibank) – which makes you think they are preempting
the move to globalization.
New opportunities and a new
marketplace
Extrapolating beyond this model is what third-party
companies can do. For our purposes we’ll call them
“Financial Services Apps in 2018”. These Financial
Services Apps in 2018 will be automated, and move our
money around to get the best savings rates and the
best mortgage rates. And this can be automated ONLY
because of the identity assurance the banks’ see from
an internal security perspective, and the APIs the banks
offer externally. It really will be the ultimate offset
current account!
What of bank branches? Just like the role of libraries
today – we can buy books from a penny off Amazon
and have them delivered literally to wherever we want
to read them, and that’s just paper books. We can
download and read a digital book in seconds. But we
still have libraries. And bank branches will be the same.
ATMs, telephone banking, Internet banking and mobile
banking – they’ve all “heralded the end of bank
branches”, but we still have them.
4. QUALITY. PRODUCTIVITY. INNOVATION. endava.com
What next?
How does this affect me?
During a panel discussion with Ian Sayers from Zapp,
Bradley Howard from Endava, Chris Cooper-Bland from
Endava and Nick Telford-Reed from WorldPay, the
following points were made.
If you’re thinking “What next?” or “How does this
affect me?”… the answer is that for all the programmes
you are working on, make sure that you are building
open APIs as part of the project. Some agencies and
industry experts talk about “Mobile first”. At Endava,
we say “API first”.
API first is future proof. Whether your customers start
using Google Glass, wearable devices or their large TVs
at home – as long as your API supports the
functionality, it doesn’t matter what the output device
or channel is. Whereas coding for a specific device is
expensive and likely to be short-termist.
And finally, we recommend a look at the Government
Digital Service (or GDS) blog on Identity Assurance.
Which of us really likes the current username and
password situation? Be honest! Well GDS looks like the
best path to solving the issue. Together with your own
APIs, we look forward to seeing your organisation in
the Financial Services App Stores in 2018.
Thankyou
We would like to thank to the speakers at “The Future of Digital Payments” event for all their inputs on the topic and
the sparkling conversations generated during the event:
Nick Telford-Reed, Director of Technology Innovation, WorldPay
Ian Sayers, CTO, Zapp
Chris Cooper-Bland, Group Head of Architecture, Endava
Bradley Howard, Head of Digital Media, Endava
About Endava
Endava is a privately owned IT services company established in 2000. With over 1,600 full time employees, Endava
currently has 11 locations across the UK, USA, Germany, Romania, Moldova and Macedonia, and an annual revenue
of over £40 million / € 50 million.
Endava delivers, builds and runs mission critical IT solutions and platforms for some of the world’s leading companies
in the Banking, Insurance, Telecommunications, Retail, Travel and Media & Publishing sectors. Endava specialises in
delivering services such as: Application Development, Digital Media, Independent Testing, IT Consultancy, Application
Management and Cloud Services.