Ever since PSD2 entered into force, each bank has its own exposed API and TPP applications that have to use a variety of APIs for a single action. For example, assume that app users have accounts in multiple banks; so to show the overall balance information, a TPP application must call an API from every bank that holds users’ accounts.
Absence of API specs allows banks to expose different set of API, with different methods and underlying technologies, and some PSD2 analysts view this lack of API description as the path to a so-called API anarchy.
Bank APIs will change within time, initiated by the banks themselves or by legislaton as PSD2 evolves. Each change could lead to changes in the TPP apps integration. With new banks that will emerge with their APIs, it is clear that TPPs will be in a cycle of permanent integration changes.
The need for API gateway is clear: make integration seamless (integrate to just one endpoint) and make single API call, while the gateway orchestrates separate calls to separate APIs hosted in the banks.