The financial industry has historically been conservative when it comes to software development, especially when it comes to picking open-source applications over proprietary code. That caution is softening as more financial companies are now embracing open source.
Recent research shows that 87% of finance industry respondents believe open source is valuable to the future of the financial services industry. Open-source code is an integral part of most software — even proprietary products. Despite its lower cost to adopt, open source has posed challenges to the fintech industry over the years.
Industry reports show that open-source products provide other benefits and opportunities in the financial industry. According to Michal Nosek, senior enterprise architect at open-source database software firm Percona, open source plays a crucial role in the financial industry and is gaining increasing adoption across various use cases due to its proven value over the years.
“True open-source solutions, distinct from source available solutions, facilitate faster innovation as developers are already familiar with them. Moreover, open-source technology does not require lengthy procurement processes to obtain rights for its use,” Nosek told LinuxInsider.
He added that the combination of high quality and significantly lower costs compared to proprietary solutions makes open source an attractive choice, particularly in challenging economic conditions where infrastructure costs are a significant consideration.
Expanding Use Cases Evident
The use cases for open source are expanding within fintech. Open source was often perceived as inferior to proprietary solutions in the past, but this is not the case anymore, mainly due to the broader acceptance of open-source security measures.
“Many industry leaders consider security through transparency, which is inherent in open-source code, to be superior to security through obscurity in closed-source code.” Nosek shared, citing findings in a recent Red Hat survey. “A significant percentage [89%] of IT leaders believe enterprise open source is as secure or even more secure than proprietary software.”
In addition, Percona’s research shows 73% of respondents cite security and control as critical drivers for choosing open-source databases over proprietary solutions.
“Open-source database solutions have reached a level of maturity that enables them to serve even the most regulated use cases and industries. Additionally, the wide variety of open-source solutions allows engineers to choose the best tool for the job without licensing restrictions,” Nosek noted.
Challenges Still Exist
Some open-source challenges still stand in the way of more widespread adoption of open source in the financial industry. Nosek is sure these will diminish as open-source use within the financial sector becomes increasingly prevalent. But the challenges currently hinder some opportunities for further integration in the financial industry.
“One such challenge is the open core model where a basic open-source solution may not comply with regulatory requirements, necessitating the use of proprietary licenses for compliant production deployment,” he said.
The multitude of open-source licenses also makes it difficult to understand the limitations and restrictions of specific licenses and their suitability for particular use cases. Further, risk-averse organizations may perceive the risk of using less popular open-source projects as too high in terms of potential abandonment or discontinued development.
“Finally, the response to security flaws or bugs from the community may not be sufficient for critical use cases in the financial industry. Mitigating these risks involves having reliable vendors who support the chosen open-source projects, thereby maintaining the benefits of open-source software adoption,” Nosek added.
Rules Compliance Critical in Finance
Compliance with regulations and industry standards is essential when selecting and using open-source databases in the financial industry, carrying significant weight in the decision-making process.
Open-source database ecosystems offer a multitude of solutions. The abundance of these solutions makes it challenging to assemble a comprehensive solution from various components.
However, solutions like Percona’s Distribution for MySQL, PostgreSQL, and MongoDB address this challenge by providing tested and integrated packages that meet enterprise requirements, including compliance with different regulations, Nosek suggested as solutions to the compliance conundrum.
Financial institutions can effectively integrate open-source databases with their existing systems and infrastructure due to some important characteristics of open-source software. Its solutions often adhere to open standards, making integration with existing systems and interfaces relatively straightforward.
“These solutions are also typically expandable, with available plugins or extensions for integration, or the ability to extend them in-house, which is not possible with proprietary solutions,” he explained.
Moreover, the popularity of many open-source projects, such as MySQL and PostgreSQL, encourages proprietary solution vendors to provide out-of-the-box integrations. These factors contribute to easier integration into existing infrastructure compared to proprietary solutions.
Addressing Security Concerns
According to Nosek, two main security concerns related to using open-source databases in the financial industry are the lack of proper support in the event of a security flaw and the misconception that open-source code is less secure. However, it is possible to mitigate these risks.
One workaround is having a support agreement with an independent vendor that can provide patches with guaranteed service level agreements and helps address the issue of support.
“Additionally, the transparency of open source code works better in practice for security, as it allows for comprehensive evaluation of changes in each version and the implementation of patches or workarounds when needed,” he noted.
Evaluating Open-Source Options in Fintech
Fintech organizations can evaluate and select the right open-source technologies for their specific needs and use cases by following similar evaluation processes as with proprietary solutions. The key requirement is that the tool fulfills specific requirements.
“Evaluating open-source technologies is often easier because they can be used immediately with all features without the need for a vendor relationship,” Nosek said.
However, some important areas still need to be considered during the evaluation.
First, it is crucial to determine if the open-source version of the solution can meet expectations without requiring a proprietary license that may lead to vendor lock-in. Evaluators should also carefully examine the license associated with the open-source solution to ensure it is genuinely open-source and not just source available.
Another aspect to consider is the ownership of the project — whether it is owned by a community or a commercial entity. The size and activity of the community behind the project, including contributors and user base, can provide insights into its reliability and future development.
“Finally, if considering a cloud implementation of an open-source database, it is important to determine whether there is an easy way to migrate away from the cloud vendor if needed or if there is a risk of being locked into a specific cloud provider,” Nosek suggested.
Open Source’s Bottom Line in the Financial Industry
Open-source databases have promising use cases in the financial industry. With a wide range of solutions available, there is likely an open-source alternative for almost any proprietary solution on the market, according to Nosek. From a regulatory perspective, they have become feature-rich enough to comply with most regulations in the financial industry.
“Nearly every use case is a good candidate for utilizing open-source database solutions,” he concluded. “Today, many large organizations in the financial industry have made significant modifications to their enterprise architectures to prioritize open-source solutions.”
This includes banks, payment providers, and other institutions. Consequently, dedicated teams within organizations now focus on implementing and managing open-source database solutions.
Another noteworthy trend is the migration from proprietary databases, such as Oracle, to open-source databases, particularly PostgreSQL. Once an open-source technology platform is established and proven within an organization, more workloads, including Tier One applications, are migrated to it.