Expertise on-demand: APIs and the enablement of innovation

The API economy is enabling new ways of designing and using technology

Simon Wood is the CEO of Ubisecure

While APIs are nothing new, in recent years we've seen a sizeable shift in the role they play in mobile and web applications, leading to the birth of the so-called ‘API economy'. The growth of third-party APIs is primarily down to getting new applications to market quickly, alongside an increase in digital transformation initiatives led by the c-suite and the need to find more specialist developer skills. In addition, companies have realised that it's not necessary to invest resources in reinventing the wheel to create new functionality in-house that already exists elsewhere.

API-first companies now provide such value to organisations. This may be through low-risk functionalities like forms or maps, or in much more revolutionary ways - take Twilio, for example, a company that has made communication connectivity as simple as a few lines of code. Or the likes of Stripe, a software platform that has fundamentally changed the way developers build payments into apps.

In short, APIs enable the democratisation of highly specialised functionality. But whether you are a mature business or a start-up, there are three key components that any customer application needs: communication, payment and identity.

Know-how on demand

It can take a long time and a diverse set of skills to gain experience in niche areas that are driven by standards. However, using APIs means that knowledge can effectively be "plugged in" instantly.

With that in mind, it's worth noting that third-party APIs are built for very specific purposes. API companies will make significant investments in their API products, deliver this offering to many customers and, in turn, have a substantial effect on the network. The value to customers comes through the API company being the domain expert, participating in driving standards and regulation, while being close to market trends - creating highly effective solutions as a result when compared to those developed in-house.

Creating room to innovate

Jeff Lawson at Twilio called APIs the "building blocks" that "allow developers and organisations of any size to rapidly build new ideas". Ultimately, in this vein, it's about giving companies the room to develop their own ‘special sauce'.

All too often, organisations underestimate the resources required to build core functionality in-house. And if developers do invest their time and efforts there, they aren't thinking about what the ‘special sauce' of the app should look like. Uber is a good example here, given that the app is a series of third-party APIs. Because of this, the application is agile and effective and developer time has instead been spent defining the company's value proposition. There are many other apps that only exist today thanks to the ability to outsource specific functionality through a rich library of APIs.

Handling identity data right

Getting identity management right is an effective way of protecting and managing the ID data of your customers as they engage with your application. On the other hand, getting this wrong can lead to GDPR fines, data breaches and a loss of trust in your customer base.

When thinking about the ‘on-demand knowledge' that would be needed for developers to build an effective solution, there are several key areas for consideration. This includes multi-factor authentication, social identities and identity standards such as OpenID Connect, to name just a few.

Not only that, it would also be necessary to have in-depth knowledge of infosec policies around delegation of authority and password management. If not implemented in the right way, a lack of expertise in these areas and an attempt to build functionality in-house could spell disaster.

To give a specific example, Facebook suffered a huge breach back in September 2018 - all down to a bug in its implementation of access tokens. If it's possible for a company with such power and resource to make mistakes when it comes to an area outside its core expertise, just imagine how else this could manifest for other organisations around the world.

No matter how large a developer team some companies have, the risks that come with building in-house are clear. Fortunately, APIs present a solution - the opportunity for knowledge to be ‘plugged in' instantly.

As organisations begin to view third-party APIs as on-demand expertise, developers are able to get their apps to market faster and to invest more time and resources into what makes them different - their ‘special sauce'. And for the API companies out there, excitement continues to grow around the API economy as they witness real step-change within industries and, above all, see their customers successfully innovate.

Simon Wood is CEO of Ubisecure.

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers.

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer.

Many crucial technology areas are already covered, including a special report on APIs, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.