“All of our APIs are designed to handle 200–250 millisecond responses. A lot of our APIs come back in less than 100 milliseconds. If you’re on the West Coast, you’re talking 200 milliseconds round-trip.”
Tradier includes three Rails applications and eight web services, AWS infrastructure, and Apigee Edge implementations. They have a lean tech team, which uses Java for the APIs’ backend, Dropwizard framework and Ember.js for front-end. In addition, they use NGINX as a webserver for most of the application solutions.
He admits that though they initially chose XML for Tradier, they now wish they had built it using exclusively JSON.
“Most of the APIs are JSON based, though when we launched our product six years ago, XML was still something that people wanted to use, so we actually launched an XML-focused solution as well. If we had to rebuild all the stuff that we have today, we’d use JSON exclusively.”
Security for customer privacy
Amazon isn’t Tradier’s only partner. To continuously deliver secure and risk-free services they have integrated with Apigee (recently acquired by Google), which helps them layer on some authentication components and use some of their protection services, such as Spike Arrests.
People send a lot of information to open a brokerage account, which is why the solution ends up being built around customer privacy. Jason states that all of the information that gets sent to Tradier is encrypted.
“Our adviser partners who use our APIs are sending us information always over a secure tunnel using SSL. We don’t offer any APIs that aren’t over SSL and we don’t store things we don’t need to.”
For regulatory compliance, they use a solution called NetDocuments. As a registered broker-dealer, they have to do AML and KYC checks, which they use a number of different partners for.
“Our clearing firm, Apex, does a number of checks, [and we also] do our own, so when you send us information, we go and check [it] out on the fly.”
Customer support and integration
Tradier continuously focuses on partnerships and gets a lot of feedback on their API. In some cases, they can configure their API to integrate with the partner’s product: