Find an API gateway to receive sensitive data securely from banks
- Integration with country’s top banks enables real-time data feed and scanning of all transactions for anomalies.
- Virtual appliance aligns with Agency’s virtualization strategy.
- Direct, secure communication with banks, plus high availability and scalability.
- Open standards enable communication via REST, SOAP, JSON, XML, FTP and other protocols, all secured using Axway API Gateway.
Agency with a Mission
Preventing fraud and the financing of terrorism
This government organization’s purpose is to protect the integrity of its country’s financial system and contribute to the administration of justice by countering money laundering and the financing of terrorism. The organization (“the Agency”) is the country’s anti-money laundering and counter-terrorism financing regulator. As the country’s financial intelligence organization, the Agency collects, analyzes and disseminates financial intelligence to law enforcement, revenue, national security and other agencies within the country and across the globe.
The Agency communicates directly with the country’s primary banks and searches for anomalies within transactions that could possibly be fraudulent or detect criminal behavior. To provide this service, the Agency must integrate with the banks’ own systems, and have the ability to scan all transactions. The Agency receives a high-volume feed of financial transaction data from the country’s banks, covering many millions of transactions per day. All of this data must be received over a secure channel.
This goal requires a powerful, high-performance, secure gateway.
Search for the Right API Gateway
Secure, open and future-proof
Using analyst reviews and other industry information, the Agency began its search for an application gateway, including initiating Requests for Information (RFIs) from several organizations. One of the Agency’s priorities was a virtualized solution that would comply with its virtualization strategy overall, and would not require new hardware to manage. The Agency also required a gateway based on open standards, since most banks use web services and APIs.
As a forward-thinking organization, the Agency wanted a solution that would work well into the future, integrating with banks using APIs and other technologies as needed, and providing the scalability necessary to handle large amounts of data in real time. The Agency also required a high level of security and reliability due to the sensitive nature of the data.
It was critical to the Agency that the oversight process not be seen by banks as a hindrance to their operations, but rather as a team effort to help prevent criminal activity. To that end, the Agency’s goal was to cause no delays or other problems that would affect the banks’ transactions with their customers.
The Agency tested several gateways that seemed capable of meeting its requirements, including Axway API Gateway. The Axway solution was downloaded and tested remotely in a virtualized environment, with Axway providing support via phone, email and online meetings. In addition, the Agency contacted other organizations that had successfully implemented Axway API Gateway to learn about their experiences.
After all testing was complete, the Agency chose Axway API Gateway as a virtual appliance deployed on VMware. The chosen architecture is designed to scale elastically, leveraging the capabilities of VMware’s platform.
The Solution in Use
Virtual becomes reality
With Axway API Gateway, the Agency has real-time, live data feeds from banks, scaling to millions of transactions per day. The Agency can securely analyze banking transactions for fraud and criminal activity, and generate audit trails that can be used as evidence and for tracking. Axway API Gateway provides a highly available, open-standards based, interoperable solution that works continuously with bank data flows via REST, SOAP, XML and JSON APIs. Real-time monitoring graphically shows these enormous data flows being received through Axway API Gateway.
Secure Data Flows
Governing the flow of data
Axway API Gateway provides multiple layers of data protection — including transportand message-level security — and serves the Agency as a policy enforcement point for authentication and authorization. At the Agency, it acts on a high-volume flow of data, processing the data flows in real-time. All of this data must be secured without adding undue latency to systems at the banks or the Agency. Because the requirement to scan the transactions is time-sensitive, any delay in managing the data flows would be detrimental to the system as a whole. Axway API Gateway provides the requisite level of security without degrading performance.
The right gateway for the Agency and the banks
Axway API Gateway is the right application gateway for this government Agency seeking to integrate with the country’s primary banks in order to detect potential criminal activity within financial transactions. Axway API Gateway is a highly available, standards-based, interoperable solution that works continuously and securely with bank data flows.
The Agency is completely satisfied with the performance and security of Axway API Server. In fact, on the Agency’s recommendation, one of the banks it works with has chosen to invest in Axway API Gateway for its own use, validating the solution and spreading the benefits of high-performance security across the banking ecosystem.