PSD2 on the horizon: JSON / API testing to become competitive asset as European banks are required to provide XS2A

Note: This is an archived version of an older white paper. Please refer to the updated May 2016 version instead!

Just as the SEPA migration has passed its most critical phase, another major change is imminent: the European Commission is preparing the revised Payment Services Directive (PSD2) which, once in effect, will require banks to provide programming interfaces (APIs) to their customers’ accounts. This policy, intended to create equal market access and boost the development of mobile banking solutions, comes with technical requirements posing a challenge comparable with the migration to XML in recent years. Yet, it comes with great business opportunities: sailing round the pitfalls of yet another technology, the quick introduction of testing tools allows focusing on customer benefit and cost-efficient adaptation.

JSON, sometimes referred to as “the little brother of XML”, is a powerful format for information exchange. It is the de-facto standard in most mobile applications, the internet of things and wherever simple data interfaces are needed. Hence, while the EC drafts for PSD2 most significantly highlight the general requirement for banks to provide open interfaces to their services, JSON is likely to be the technology of choice. It is an accessible format with a low threshold for developers to use.

“When PSD2 will come into effect at a yet-to-be-defined point in 2016, banks will quickly face the need to implement these solutions”When PSD2 will come into effect at a yet-to-be-defined point in 2016, banks will quickly face the need to implement these solutions – a similar situation as with SEPA requirements a few years back. The best time to hop on the JSON bandwagon is now: being early to the party gives a competitive advantage in the market. In order to support the fast-moving actors in the mobile industry, banks need to ensure that their API users receive the best possible support throughout the API user lifecycle: integration and testing, day-to-day operation and upgrades.

Figure 1: API users need consistent support throughout the entire lifecycle, as products and services undergo constant development.

JSON, the workhorse of mobile apps

JSON and APIs are intrinsically tied to each other. While XML accrued its merits as an ideal format for complex documents, critics have always pointed out that it is also a very heavy format. It is best suited for the exchange of multifaceted documents, while the low-overhead and agile JSON format provides an ideal medium for fast exchange of small entities. This is illustrated by the ability of XML to contain large batches of payments at a time, while JSON is usually applied to exchange information on a single payment.

Figure 2: While JSON code (left, a credit card payment) appears more legible to the human eye, its structure follows strict definitions, just as the XML format (right, a pain.001 message).

Even just looking at the bare code, a JSON file is often considered more legible. Yet, the simplified structure of the file does not make the creation of valid messages less complex. Application logic and business rules still dictate how data has to be structured and formatted. Ultimately, the developer’s needs remain the same as known from XML: a message file has to be validated for its structural integrity and for compliance with the payment provider’s specifications.

Key benefits: Time and money saved

It is estimated that up to 80% of API projects are delayed or abandoned during development as APIs are perceived as “buggy” – often the result of insufficient documentation or the lack of feedback on implementation errors.

In a typical “trial and error” workflow, the default API error response does not usually explain the source of the problem, but the reason for the failed request. Developers are forced to tinker with their code until it works, often resorting to online forums and peer support channels. While days are passing until a working solution has been found and tested, additional issues start to pile up.

Using advanced JSON validation technologies like the XMLdation validation engine, developers receive a diagnostic explanation of the cause and hints to correct the issue, down to a list of faulty line numbers. In most cases, the contextualized feedback and integrated documentation enables developers to fix issues and get the API communication up in an instant.

A proven solution for an emerging business

XMLdation has been the partner of banks, vendors and corporates in the finance sector for years. With the Validator and Simulator services, XMLdation has built a powerful cloud platform to combine syntax, schema and business rule validation with a system that returns valid response messages as banks’ production systems would send them.

The JSON offering makes use of the same technology: The Validator examines the message payload and returns a report, including instructions on how to fix possible errors and a link to the related Wiki page. Valid messages can be sent to the API Sandbox, simulating the API response based on rules defining its behavior. This keeps development activities independent from production systems (with a range of benefits from performance and administration to security) and even allows users to start developing software before the final API is in place.

Figure 3: Once they pass validation, JSON requests can be sent to the API sandbox, triggering a simulated response as the production system would return.

If desired, the rules applied for validation and simulation can be maintained by the banks themselves, using the JSON-enabled XML management service myXML. This allows making API changes available to developers promptly, while at the same time serving as centralized knowledge base and documentation source within the organization.

Empowering banks to seize new business opportunities

Along with the ongoing XML revolution in the banking sector, JSON is likely to take on a comparably important role in the years to come. Just as SEPA made ISO20022 the default in the financial industry, the authority of PSD2 has the potential to establish JSON as the default for mobile banking.

The XMLdation JSON Validator and API Sandbox can be made available to public users and partners as well as be used for internal purposes of payment processors. They are a one-stop shop for developers, simultaneously speeding up internal processes and reducing support team workload, providing superior support to existing customers, and attracting external developers to partner with the bank. As the European Commission pushes the market to open up, banks early on the market with well-supported API access are likely to gain a pole position with mobile developers and enterprises.

With the addition of the JSON Validation and Simulation capabilities, XMLdation’s services now make it possible to test JSON files for syntax and compliance with schema and business rules. The service returns diagnostic information in an actionable format for the developer and accelerates app creation by simulating the real API.

About XMLdation

XMLdation is a global service provider of XML management, end-to-end testing and simulation services for payment-related XML messages.

Our solutions Request a demo today

Stay up to date

Subscribe to our newsletter

Error: message

Result message