Registering your Application
Embedded Banking Components require some customization and setup on Apiture’s end before they can be included in a non-bank partner’s application. A team from Apiture is assigned to the Financial Institution (FI) and any non-bank partners to help guide the customization and security parameters of the Embedded Banking Component.
Meeting your Apiture Contacts
Once an FI has expressed interest in offering Embedded Banking to potential partners, a team at Apiture is assigned to the FI. This team can be contacted with any questions, concerns, changes or requests about Embedded Banking, including changes to the components appearance or adding new non-bank partners.
Providing Contacts for the FI
The FI must provide lead contacts for their Embedded Banking projects. These are a handful of staff at the FI who approve non-bank partner and address any questions from Apiture that may arise. This list is originally created during the onboarding process.
Apiture must be aware of each approvers:
If an individual needs to be added to or removed from the list of approvers, someone who is already an approver can contact the Apiture team and request the needed change.
Providing Contacts for the Non-Bank Partner
Company (EB Partner)
EB Partner name (informational): “Newtek” (i.e. who is connecting to the components)
Email domain that their employees will use when they register for the DevPortal
Email address (must match the company domain)
The FI they are partnering with
API Banking products = Embedded Banking
Providing Partner Application Information
Apiture needs information on the non-bank partner’s application or website that can host the embedded banking component. Productions environments and any development environments all need to be registered as individual applications, even when they applications function identically.
Each application requires a descriptive name so the specific application can be easily identified. If multiple environments are used for an application (such as a development environment and a production environment), this should be included in the name. Names such as ‘Marie’s Auto Shop – Dev’ or ‘UoM – Prod’ identify both the environment of the application and the non-bank partner.
Embedded banking components can only be contained within applications that have been safelisted to display them. For example, a component can be accessed from the safelisted TiburonBank.com, but cannot be accessed from TiburonEmployees.com.
Only one domain can be safelisted per application. If multiple domains or sub-domains are used in an application (including development URLs) those URLs will each need to be registered as a separate application.
Note: The safelisted domain must go directly to the application. It cannot be a generic domain to a shared cloud-based hosting service. The URL cloudhosting.com would be rejected for potentially safelisting many websites, while cloudhosting.com/partnerwebsite would be accepted since it goes directly to the partner’s application.
The non-bank partner is allowed to set the time until a user is automatically disconnected from the FI for any non-production instance of their application. Production instances of an application have the timeout directed by the FI and cannot be modified by the non-bank partner.
For more information on FI configuration see the Component Configuration article.
Selecting and Configuring your Components
Apiture currently handles all requests for component configuration by meeting with the FI and the non-bank partner’s team to ensure the Embedded Banking component fits the desired design and branding of the partner’s application.
Components are highly customizable, including adjustable text, color schemes, sizing, images and branding options. Apiture’s team will walk the non-bank partner through each of these options and discuss each customization.
Any future adjustments to the configuration are also made by Apiture’s team, and requests can be made any time a change is needed.