You might say that 1LINK (Pvt.) Limited is the digital glue that connects all of the banks in Pakistan. From ATM withdrawals to online utility bill payments to electronic funds transfers between one bank and another—1LINK is behind the scenes, making those transactions happen.
The company also acts as the focal point for linking its member banks to Visa, MasterCard, JCB and UnionPay global payment networks, as well as to PayPak, Pakistan’s domestic payment scheme, owned and managed by 1LINK.
Incorporated in 2004, 1LINK is considered to be the de facto switch and payment system of Pakistan: it is the sole entity integrating banks throughout the country. The company is owned by a consortium of 11 large banks and has 37 member banks, 700-plus billers and 20-plus non-banking entities that use its payment networks, or “rails.”
1LINK has thrived over the years—partly because it always has an eye toward the future. In developing its strategic vision in 2016, the company set its sights on opening its services to a larger target market. “There were many third parties that wanted to do transactions using the 1LINK rails,” says Azimullah Khan, Chief Information Officer at 1LINK. “We wanted to enable those banks, fintechs, independent service organizations, and bill aggregators and initiators to use our services.”
However, considering the significant cost and time that was required to connect with 1LINK’s system, several potential players faced challenges. At the time, setup and testing of the company’s core electronic funds transfer (EFT) switch technology was complex and the software to run it was in short supply in Pakistan.
Reduced onboarding time
Reduced time to onboard new members from 2–3 months to 2–3 weeks
Growth in transaction volume
Grew transaction volume from 590 million in 2019 to 1.4 Billion in 2020
As part of a five-year strategy developed with the help of an international firm, 1LINK planned to come up with an open API platform. By eliminating the need for expensive middleware or an EFT switch, an open API portal would make it much faster and simpler for various entities—freelance developers, startups, fintechs, banks, financial institutions, non-bank financial institutions, electronic money institutions, payment system operators (PSOs), payment service providers (PSPs), billers and government institutions—to connect to 1LINK’s testing environment and ultimately transition onto 1LINK’s rails.
There were, however, a few important asks. The solution had to be housed on premises, in compliance with State Bank of Pakistan security regulations, and scalable so it could handle large, rapid influxes of transactions.
After evaluating several API management platforms, 1LINK chose the IBM API Connect® solution built on IBM® DataPower® Gateway hardware. Together, they provide a centralized platform for secure access to the company’s APIs for testing and integration. Developers can log in to the platform over a self-serve portal to test with 1LINK’s APIs. The platform also offers API performance and monitoring capabilities.
The company engaged IBM Business Partner Systems Limited to manage the project in late 2018. According to Khan: “Systems Limited was involved from day one in overseeing the entire design and implementation. IBM also worked closely with us to document the overall scope of the project and to consult with us on software and security issues.”
1LINK was particularly impressed by the solution’s security features. “We wanted to maintain the same high level of security on our API platform as in our legacy format, keeping in view 1LINK’s security standards and PCI DSS compliance guidelines,” says Syed Suleman Hasan, Chief Risk Officer at 1LINK. “The DataPower model provides an environment where transactions and access to APIs are extremely secure. And since it’s not a purely open-source platform, we anticipate being able to upgrade or patch the system without issues.”
1LINK Developer portal is a free-of-cost solution offering a catalog of publicly available APIs for interested players to incorporate 1LINK functionality into their use cases. Syed Ahsan Aslam, Chief Disruption Officer at 1LINK, explains: “Over the last two years, the digital payments space in Pakistan has witnessed phenomenal growth, especially the fintech space. Every day, new entrants want to try new things while existing players, such as banks and billers, are exploring ways to cut down overheads and introduce efficiencies. Now, they can test and experiment at their own pace, and when they are ready, they can contact us to transition into our production environment. It’s a win-win situation.”
Today, 1LINK has put its original vision into action—and that vision continues to evolve. “There is a constant push towards digitization now,” says Aslam, “especially this year, because of COVID. The good news is that we are prepared. That’s why we started in 2018—so that by the time we began to see the upside in transaction growth, we would be technologically ready.”
The time and cost savings for 1LINK customers driven through this solution is also a win. Khan estimates testing and onboarding on the API Connect platform takes two-to-three weeks, compared to two-to-three months with the legacy system.
As transactions that pass through the API management platform begin to ramp up, the overall outlook for the company is bright. In fact, the total transaction volume for the company more than doubled between 2019 and 2020—from 590 million to 1.4 billion—and the value of those transactions grew by 64% during that same period—from PKR 4.7 trillion to PKR 8.3 trillion.
Recently, 1LINK has been doing Open API road shows and is getting a lot of interest from the fintech community. “We have a very healthy pipeline in terms of new entities trying to connect to 1LINK,” says Aslam, “and we anticipate that more volume will come through the Open API platform when these entities actually go to market and launch their use cases.”
Going forward, the company plans to use the IBM API Connect solution to enable new integrations with additional industries and areas of government. It also is investigating ways to modernize its infrastructure—a transition that IBM API Connect is preconfigured to accommodate—as well as the possibility of incorporating artificial intelligence into its marketing systems.
“We are looking for a long-term relationship with IBM. The idea is to have secure, reliable systems and to be able to scale up to handle a large level of transactions—not just from ATMs, but from mobile apps, internet banking portals and e-commerce apps. We are looking at API Connect to help us do that,” says Khan. “We started off with 12 APIs. Today we have already crossed 30 APIs and expect possibly to have another 100 over the next two years.”
1LINK (link resides outside of ibm.com), owned by a consortium of 11 banks, is Pakistan’s first payment service operator (PSO) and payment service provider (PSP) and the largest switch and payment system, providing a host of valuable online banking services such as ATM switching, bill payment, inter-bank funds transfer, fraud risk management, switch dispute resolution, global payment schemes and domestic payment schemes. 1LINK is continuously evolving and adding new products and services to benefit the financial industry.
IBM Business Partner Systems Limited (link resides outside of ibm.com) is a leading global provider of IT, business process outsourcing (BPO) and contact center services. Founded in 1977, the company is headquartered in Lahore Cantt, Punjab, Pakistan, and provides computing strategies and solutions to both corporate and public sector organizations. It has overseen projects in the US, Pakistan, the Middle East and Africa and employs over 5,000 people globally.
Legal
© Copyright IBM Corporation 2021. IBM Corporation, IBM Cloud, New Orchard Road, Armonk, NY 10504
Produced in the United States of America, February 2021.
IBM, the IBM logo, ibm.com, DataPower, and IBM API Connect are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copyright-trademark.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.