{"id":16504,"date":"2021-10-21T20:28:20","date_gmt":"2021-10-21T14:58:20","guid":{"rendered":"https:\/\/coforge.site\/cigniti\/blog\/?p=16504"},"modified":"2024-02-01T18:34:48","modified_gmt":"2024-02-01T13:04:48","slug":"api-testing-open-banking","status":"publish","type":"post","link":"https:\/\/coforge.site\/cigniti\/blog\/api-testing-open-banking\/","title":{"rendered":"The importance of API Testing in Open Banking"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]UK\u2019s Competition and Markets Authority (CMA), after a market study, stated that the nine biggest banks (CMA9) allow authorized startups and third-party providers (TPPs) access to their data.<\/p>\n<p>The Open Banking Implementation Entity (OBIE) was created to help with this. OBIE\u2019s mission is to collaborate with the UK\u2019s top banks and building societies to promote competition, open up personal data, and provide an individual with a vendor option.<\/p>\n<h2>Why and what is Open Banking?<\/h2>\n<p>Open Banking means the bank can share financial data with third parties with the customer\u2019s permission. Third parties will access the customer\u2019s financial information, including transaction history, banking interactions, businesses used, and spending habits.<\/p>\n<p>Thanks to Open Banking, FinTechs can use APIs to connect their services to financial data. With the consumers&#8217; cooperation, open banking moved from a closed data model to an open one, where data can be shared across different stakeholders in the banking ecosystem.<\/p>\n<p>Banks can provide clients more control over their financial data by allowing them to connect to other regulated providers. Third-party money management software, such as Intuit, can display all transaction details and balances in one place. It will also pave the way for a plethora of fintech innovations.<\/p>\n<p>It is thus essential to understand the business drivers behind the advent of Open Banking.<\/p>\n<h2>Business drivers behind the advent of Open Banking<\/h2>\n<p>The critical business drivers behind the advent of Open Banking are:<\/p>\n<ul>\n<li>Co-innovation with third parties to expand their service offerings<\/li>\n<li>Creation of intuitive and frictionless customer journeys<\/li>\n<li>Pursuing new business models and revenue streams<\/li>\n<li>Accelerated growth and expansion into new markets<\/li>\n<li>Increase market speed without introducing additional risk<\/li>\n<li>Competing with Fintech challengers and the big banks<\/li>\n<\/ul>\n<p>While we\u2019ve seen the business drivers behind the advent of Open Banking, it is imperative to understand the essential requirements and implementation of Open Banking.<\/p>\n<h2>Open Banking Key Requirements and Implementation:<\/h2>\n<p>An API is an application programming interface connecting an application to the web and other APIs. It is the brain of the connected world and is a set of tools\/protocols\/standards and code.<\/p>\n<p>The use of APIs is fundamental to the Open Banking and Payment Services Directive (PSD2) concept. The requests for services and products that can deliver multichannel customers and provide relationships to these customers need significant development in the Open API sector.<\/p>\n<p>The API Platform\u2019s primary function is to publish and secure APIs. The Platform is described as a layer that communicates with bank middleware.[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<img decoding=\"async\" class=\"alignnone size-medium wp-image-16506\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog1-555x266.png\" alt=\"\" width=\"555\" height=\"266\" srcset=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog1-555x266.png 555w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog1-600x287.png 600w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog1.png 687w\" sizes=\"(max-width: 555px) 100vw, 555px\" \/>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2>Challenges of API-based infrastructure<\/h2>\n<p>Communication between the various components of Open Banking will be accomplished through an \u2018API-based infrastructure that includes numerous hardware and software components.<\/p>\n<p>End-to-end testing of these complex infrastructures will be difficult, time-consuming, and error-prone, resulting in higher costs, longer onboarding times, and a danger to reputation.[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<img decoding=\"async\" class=\"alignnone size-medium wp-image-16507\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2-555x109.png\" alt=\"\" width=\"555\" height=\"109\" srcset=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2-555x109.png 555w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2-768x150.png 768w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2-833x163.png 833w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2-600x117.png 600w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog2.png 844w\" sizes=\"(max-width: 555px) 100vw, 555px\" \/>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h4><strong>Testing Considerations<\/strong><\/h4>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/4&#8243;][vc_column_text]<strong><span class=\"TextRun BCX0 SCXW106977735\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun BCX0 SCXW106977735\">Potential Areas<\/span><\/span><\/strong><span class=\"TextRun BCX0 SCXW106977735\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun BCX0 SCXW106977735\">\u00a0\u00a0<\/span><\/span>[\/vc_column_text][vc_column_text]<img decoding=\"async\" class=\"alignnone size-full wp-image-16508\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog3.png\" alt=\"\" width=\"183\" height=\"144\">[\/vc_column_text][\/vc_column][vc_column width=&#8221;3\/4&#8243;][vc_column_text]<span class=\"TextRun BCX0 SCXW106977735\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun BCX0 SCXW106977735\"><strong><span class=\"TextRun BCX0 SCXW106977735\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun BCX0 SCXW106977735\">Testing considerations<\/span><\/span><\/strong> \u00a0<\/span><\/span>[\/vc_column_text][vc_column_text]<\/p>\n<ul style=\"padding-left: 15px;\">\n<li>A robust approach to validate conformance of security, digital performance, and operational OBIE (Open Banking Implementation Entity) requirements.<\/li>\n<li>An appropriate Test Environment Strategy to enable end to end tests with TPP\u2019s using \u2018Production like\u2019 environments.<\/li>\n<li>Adequate test coverage of different payment types across retail and business customers.<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/4&#8243;][vc_column_text]<img decoding=\"async\" class=\"alignnone size-full wp-image-16510\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog4.png\" alt=\"\" width=\"138\" height=\"135\" srcset=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog4.png 138w, https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog4-50x50.png 50w\" sizes=\"(max-width: 138px) 100vw, 138px\" \/>[\/vc_column_text][\/vc_column][vc_column width=&#8221;3\/4&#8243;][vc_column_text]<\/p>\n<ul style=\"padding-left: 15px;\">\n<li>Physical mobile devices to validate web to mobile\/mobile to web \/mobile to mobile redirection.<\/li>\n<li>Data mapping to ensure correct data is exposed to target OB fields<\/li>\n<li>Functional tests to validate for consent, AIS, PIS, confirmation of Funds, access dashboards API<\/li>\n<li>End to end customer journeys tests which align with the Open banking [OB] customer experience guidelines<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/4&#8243;][vc_column_text]<img decoding=\"async\" class=\"alignnone size-full wp-image-16511\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog5.png\" alt=\"\" width=\"128\" height=\"116\">[\/vc_column_text][\/vc_column][vc_column width=&#8221;3\/4&#8243;][vc_column_text]<\/p>\n<ul style=\"padding-left: 15px;\">\n<li>Comprehensive tests to MI and reporting solution to generate periodic reports for FCA (including PSD transaction information, fraud\/operational &amp; risk assessment, Complaints, etc.)<\/li>\n<li>Comprehensive tests of event driven notification to FCA (AIS\/PIS denial, major operation\/security incidents, etc.)<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/4&#8243;][vc_column_text]<img decoding=\"async\" class=\"alignnone size-full wp-image-16512\" src=\"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/blog6.png\" alt=\"\" width=\"155\" height=\"147\">[\/vc_column_text][\/vc_column][vc_column width=&#8221;3\/4&#8243;][vc_column_text]<strong>Develop Tests to validate:<\/strong><\/p>\n<ul style=\"padding-left: 15px;\">\n<li>Electronic payments initiated by the payer are covered under the SCA solution and the customer experience is consistent across all journeys and channels.<\/li>\n<li>Dynamic linking to electronic remote payment transactions<\/li>\n<li>Fraud rules implemented consistently across channels<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2>Open Banking Sample Scenario:<\/h2>\n<p>Cus1 and Cus2 are two individuals who want to register for HSBC PSD2 and avail themselves of its services. However, they have different customer statuses in HSBC&#8217;s existing e-banking system. The details of both are mentioned below:<\/p>\n<p><strong><em>Payment initiation service<\/em><\/strong>:<\/p>\n<p>Cus1 is an existing customer of HSBC and is already using the current BOV e-banking channel. Cus1 has a 6-digit numeric unique user ID and a physical VASCO device. Cus1 wants to pay from PayPal (TPP) using his HSBC account.<\/p>\n<p>-Sample API requests: GET-Payment ID, Payment Product, etc.<\/p>\n<p><strong><em>Account information service<\/em><\/strong>:<\/p>\n<p>Cus2 is an existing HSBC customer but has not registered for current BOV e-banking channel access. Cus2 wants to inquire about his account details using Mint (TPP) for his HSBC accounts.<\/p>\n<p>-Sample API requests: GET-accounts, balances etc.[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/2&#8243;][vc_column_text]<em><span class=\"TextRun BCX0 SCXW211207129\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun BCX0 SCXW211207129\">Sample GET-Account API Request:<\/span><\/span><\/em>[\/vc_column_text][vc_column_text css=&#8221;.vc_custom_1634827893135{background-color: #73aed1 !important;}&#8221;]<\/p>\n<p style=\"font-size: 12px;\">{<br \/>\n&#8220;id&#8221; : &#8220;80a64003-3649-44b1-8931-cf665bbf6d36&#8221;,<br \/>\n&#8220;name&#8221; : &#8220;v1_accounts&#8221;,<br \/>\n&#8220;request&#8221; : {<br \/>\n&#8220;url&#8221; : &#8220;\/v1\/accounts?withBalance=false&#8221;,<br \/>\n&#8220;method&#8221; : &#8220;GET&#8221;,<br \/>\n&#8220;headers&#8221; : {<br \/>\n&#8220;X-Request-ID&#8221; : {<br \/>\n&#8220;matches&#8221; : &#8220;.+&#8221;<br \/>\n},<\/p>\n<p>[\/vc_column_text][\/vc_column][vc_column width=&#8221;1\/2&#8243;][vc_column_text]<em><span class=\"TextRun SCXW113420309 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW113420309 BCX0\">Sample GET-Account API Response:<\/span><\/span><\/em>[\/vc_column_text][vc_column_text css=&#8221;.vc_custom_1634827924143{background-color: #73aed1 !important;}&#8221;]<\/p>\n<p style=\"font-size: 12px;\">&#8220;response&#8221; : {&#8220;status&#8221; : 200,&#8221;body&#8221; : &#8220;{\\&#8221;accounts\\&#8221;:[{\\&#8221;resourceId\\&#8221;:\\&#8221;HGlNA7CqT8sjd_1aV2v2LI\\&#8221;,\\&#8221;iban\\&#8221;:\\&#8221;DE38760700240320465700\\&#8221;,\\&#8221;currency\\&#8221;:\\&#8221;EUR\\&#8221;,\\&#8221;name\\&#8221;:\\&#8221;max.musterman\\&#8221;,\\&#8221;displayName\\&#8221;:\\&#8221;mock displayname\\&#8221;,\\&#8221;product\\&#8221;:\\&#8221;Cash24\\&#8221;,\\&#8221;cashAccountType\\&#8221;:\\&#8221;CASH\\&#8221;,\\&#8221;status\\&#8221;:\\&#8221;enabled\\&#8221;,&#8221;}}}]}&#8221;, &#8220;headers&#8221; : { &#8220;vary&#8221; : [ &#8220;Origin&#8221;, &#8220;Access-Control-Request-Method&#8221;, &#8220;Access-Control-Request-Headers&#8221; ],&#8221;x-request-id&#8221; : &#8220;70a7346e-e769-4c4b-8326-ceb6b785e07c&#8221;, &#8220;content-type&#8221; : &#8220;application\/json&#8221;, &#8220;date&#8221; : &#8220;Tue, 07 Jul 2020 08:08:14 GMT&#8221;,&#8221;x-robots-tag&#8221; : &#8220;none&#8221;,<br \/>\n&#8220;set-cookie&#8221; : &#8220;SRVNAME=17984ba812b2bfa7d54e249e16048ab4; path=\/; HttpOnly; Secure&#8221;,&#8221;cache-control&#8221; : &#8220;private&#8221; }<\/p>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<span data-contrast=\"auto\">Sample HTTP Status Codes:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<table data-tablestyle=\"MsoNormalTable\" data-tablelook=\"1184\" aria-rowcount=\"6\">\n<tbody>\n<tr style=\"background-color: #9be4ff;\" aria-rowindex=\"1\">\n<td data-celllook=\"69905\"><b><span data-contrast=\"auto\">Status Code<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"69905\"><b><span data-contrast=\"auto\">\u00a0\u00a0\u00a0\u00a0 Message<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"69905\"><b><span data-contrast=\"auto\">Description<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"2\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">200<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">OK<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Response to a successful REST API action. The HTTP method can be GET, POST, PUT or DELETE.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"3\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">201<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Created<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">The request has been fulfilled, and a resource was created. A URI for the created resource is returned in the Location Header.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"4\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">202<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Accepted\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">The request has been accepted for processing, but processing is not yet complete.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"5\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">400<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Bad Request<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">The request is malformed, such as a message body format error.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<tr aria-rowindex=\"6\">\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">401<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Unauthorized\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<td data-celllook=\"4369\"><span data-contrast=\"auto\">Wrong or no authentication ID\/password provided.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>[\/vc_column_text][vc_column_text]API Testing: This test ensures an API is working as functionally designed and gracefully handles failures by responding with the desired status codes.<\/p>\n<p>The APIs are tested with single requests and through collection runners via the Postman tool to validate the consent.<\/p>\n<p>Integration Testing: Ensures that all the integration touchpoints are validated correctly to uncover any bottlenecks irrespective of the complexity of the application and technologies involved.<\/p>\n<p>Communication\/integration between different components in the system, i.e., PSU &gt; TPP (AIS\/PIS) &gt; ASPSP touch points, are validated.<\/p>\n<p>Data Validation: In a banking ecosystem, several data types can be accessed through an interface. This can include customer or account information, deposit data, loan information, transaction details, and real-time or end-of-day batch process details. Thorough validation should be performed on the input data, including:<\/p>\n<ul>\n<li>Data type validation<\/li>\n<li>Field length validation<\/li>\n<li>Data validation in the response body.<\/li>\n<\/ul>\n<p>Performance Testing:\u00a0 <a href=\"https:\/\/www.cigniti.com\/services\/performance-testing\/\" target=\"_blank\" rel=\"noopener\">Performance testing<\/a> helps to determine a system\u2019s and application\u2019s limitations under expected loads. It also helps fine-tune the application to make sure it is stable, scalable, and performs consistently as expected with optimal resource utilization. PT ensures the application runs optimally by considering factors like response time, scalability, downtime, and infrastructure costs.<\/p>\n<h4>Outcomes of performance testing include:<\/h4>\n<ul>\n<li>The response time of each transaction in the application<\/li>\n<li>Network delay between the client request and server response<\/li>\n<li>Limitations due to hardware like CPU maximization, network bottlenecks, memory limitation, etc.<\/li>\n<\/ul>\n<h3>Security Testing:<\/h3>\n<p>Authentication and authorization are vital in banking APIs. Testers should ensure that multi-factor authentication is performed before authorizing APIs to perform desired functions.<\/p>\n<h3>Compliance Testing:<\/h3>\n<p>Testing the processes for onboarding TPPs before they are permitted to integrate with the FI\u2019s APIs and Defining clear internal standards for creating audit trails and reporting procedures that consider the FI\u2019s activities and that of their TPP partners.<\/p>\n<h2>Conclusion<\/h2>\n<p>Cigniti\u2019s Testing approaches outlined above bring many benefits, as we have seen based on our own experiences, i.e., Web Services Validator utility for automated Test Data Generation for SOAP and RESTful Services.<\/p>\n<p>Cigniti\u2019s utilities and best practices help shrink the test execution cycle. Service virtualization simulates request patterns and data parsers for JSON &amp; XML requests and Open API Accelerators with pre-written test scenarios and checklists. We possess test accelerators and other reusable test artifacts consisting of end-to-end test scenarios and checklists for major open banking API functionalities.<\/p>\n<p>Cigniti\u2019s Solution Alignment with Open Banking Ecosystem validation coverage includes Functionalities, API <a href=\"https:\/\/www.cigniti.com\/services\/security-testing\/\" target=\"_blank\" rel=\"noopener\">Security<\/a>, API Performance, and API automation. Our value proportions include Omnichannel coverage cutting across all validation areas in the complex Open API ecosystem and adherence to industry standards and Open API <a href=\"https:\/\/coforge.site\/cigniti\/blog\/hipaa-compliance-testing-software-applications\/\">compliance<\/a> and guidelines.<\/p>\n<p>Our comprehensive validation solution is based on cutting-edge technology, best practices, and accelerators that add significant value in effort, cost, user experience, increased market reach, and demographics.<\/p>\n<p>Need help? <a href=\"https:\/\/www.cigniti.com\/contact-us\/\" target=\"_blank\" rel=\"noopener\">Schedule a discussion<\/a> with our Banking and API Testing experts to learn more about the importance of API testing in Open Banking.[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text]UK\u2019s Competition and Markets Authority (CMA), after a market study, stated that the nine biggest banks (CMA9) allow authorized startups and third-party providers (TPPs) access to their data. The Open Banking Implementation Entity (OBIE) was created to help with this. OBIE\u2019s mission is to collaborate with the UK\u2019s top banks and building societies to promote [&hellip;]<\/p>\n","protected":false},"author":58,"featured_media":16505,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[732],"tags":[688,3409,3413,501,3170,3167,3412,565,3848,3847,3849,3169,3408,3410,3411],"ppma_author":[3846],"class_list":["post-16504","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bfsi-testing","tag-api-testing","tag-automated-testing-in-banking","tag-bank-app-testing","tag-banking-application-testing","tag-banking-applications-testing","tag-banking-digital-transformation","tag-banking-domain-software-testing","tag-bfsi-testing","tag-open-banking","tag-open-banking-api-testing","tag-open-banking-testing","tag-payment-security-testing","tag-software-testing-for-banking-industry","tag-test-automation-in-banking","tag-test-banking-domain-application"],"authors":[{"term_id":3846,"user_id":58,"is_guest":0,"slug":"suman","display_name":"Ramji Suman Rentapalli","avatar_url":{"url":"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/author-suman.jpg","url2x":"https:\/\/coforge.site\/cigniti\/blog\/wp-content\/uploads\/author-suman.jpg"},"author_category":"","user_url":"","last_name":"Rentapalli","first_name":"Ramji Suman","job_title":"","description":"Suman has 10+ years of experience in quality assurance with special focus on Digital Banking. Within Cigniti, Suman is part of BFSI CoE team that leads enhancing domain competency and solution developments. "}],"_links":{"self":[{"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/posts\/16504","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/users\/58"}],"replies":[{"embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/comments?post=16504"}],"version-history":[{"count":0,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/posts\/16504\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/media\/16505"}],"wp:attachment":[{"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/media?parent=16504"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/categories?post=16504"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/tags?post=16504"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/coforge.site\/cigniti\/blog\/wp-json\/wp\/v2\/ppma_author?post=16504"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}