API Quality - Overcoming the Challenges

As mobile technology and the Internet of Things drive the growth of the API economy, providers and developers are faced with 3 major challenges that threaten API quality: security, integration and standardisation.

~ Written By Andrew Fullen

As mobile technology and the Internet of Things drive the growth of the API economy, providers and developers are faced with 3 major challenges that threaten API quality: security, integration and standardisation. APIs are big business and companies like Salesforce, NetFlix and Facebook are responding to more user requests through API calls than through their own front-end. When an API falls short of a customer’s quality expectations, providers face the serious risk of losing those customers. There is also a danger of more widespread reputational damage as 33.4% of users say quality issues would make them consider switching API providers permanently and 31% admit they would report the problem externally to their peers and other customers rather than to the provider.

So, as an API provider how can you overcome these challenges and mitigate these risks to reap the benefits of providing a quality API?

First it’s essential to understand what your customer actually wants and see how this corresponds to the challenges you are experiencing as a provider. The 3 top requirements of API consumers are ease of use, excellent responsiveness and performance, and overall service reliability.

API Security

As is usually the case when the IoT is a driving force, security is top of the list of challenges for 41% of providers with regard to both internal and external APIs. An API increases the attack surface and can provide hackers with a roadmap to app functionality and internal database structure that would normally be invisible under layers of functionality, so opening up new attack vectors.  It’s interesting to note then that only 40% of API providers are currently using a specialised API testing tool! The key to mitigation is to take a shift left approach to implementing built-in security measures and security testing and execute thorough authentication, encryption, access control and penetration attack test scenarios, while carefully monitoring the back-end during test execution.

API Integration

The lack of integration between tools and systems is another major challenge. The best way forward is to carefully define your user stories, select and authenticate integration endpoints, define standard and custom data endpoints, map and transform your data, determine event triggers and orchestrate continuous integration testing from the outset.

Lack of Standardisation

While standardisation is recognised as a major challenge and 75% of providers say they have a formal developer documentation process, only 45% make it a priority and 25% say they either don’t have one at all or haven’t been made aware of it! Providers need to create a clear developer documentation process and ensure visibility and accessibility to all relevant team members while forming partnerships and working groups with other businesses to share information, develop API specifications and reference architectures.

Reputation Management Strategy

As always, users’ demand for a speedy delivery has to be weighed against the even bigger demand for quality. Nearly a third of API providers admit that a lack of time and resources is the major barrier to quality, with lack of expertise and the complexity of many API tools also being major issues. The other important factor that goes in hand with quality and brand reputation, is how providers respond when customers flag up an issue, and the statistics show that worryingly, less than 10% of API issues are resolved within 24 hours and nearly 24% remain unresolved for more than a week!

The key elements of an API brand reputation strategy are to:

  • Promise reasonable response and fix times that you can genuinely meet
  • Provide a temporary solution, workaround or back-up until the issue is fixed
  • Create several lines of efficient communication for customer feedback, initial response, updates, notification of resolution and final feedback to ensure customer satisfaction.
  • Enable communication on the same platforms where complaints are made. So if, for example, your customers are complaining publicly on social media, then you need to have a social media presence and engagement strategy giving you the ability to take control of the conversation, publicly acknowledge the issue and demonstrate that you are fixing it and offering excellent customer service.
  • Take a shift left approach to continuous testing with a comprehensive test strategy that focuses on the main areas of security and integration.
  • Work with a partner who is an expert in disruptive technologies such as IoT and Mobile and who has strong partnerships of their own in terms of access to best in class tools that offer, re-usability of tests, scripts and resources.
  • Create a set of metrics with Performance as the key measure of success.

State of API Survey

All statistics in this post come from SmartBear Software’s 2016 State of API Survey.

You can download the full survey here: http://smartbear.com/SmartBear/media/ebooks/State-of-API-Report-2016.pdf

If you want to discover more about how to overcome integration challenges to deliver high-quality APIs you can also listen to the recording of our recent webinar with SmartBear, here.

todo todo
contact us
  • Sogeti UK
    Sogeti UK
    Make an enquiry
    0330 588 8200