As I look through the business models of leading API providers I am profiling, I'm increasingly seeing security as a selling point. When API providers break down their pricing into tiers, they are usually very good at breakdown down the elements of what goes into each plan--this is what I have been studying for last couple weeks.
When I come across security leveraged as part of API plans, it is rarely a part of the free or entry levels, and is something you usually see in the higher level paid plans, and enterprise tiers. Here is an example of this, in a screen shot from the Box pricing page.
These plans are part of the SaaS side of the Box operations, but Box are pretty unique in that they have separate pricing tiers for the SaaS side of their operations, and a related, but addition set of pricing for the API side of their platforms. However, Box's approach provide the best example of this in action, with add-ons beyond the plan based pricing, that were also very security focused.
Box is a document platform that services the enterprise, which includes numerous, very heavily regulated industries. It makes sense that they are emphasizing security. My focus is that security is leveraged as specific feature of individual plans, with an emphasis on it being present in the upper tiers, and with add-ons.
This really isn't news. It makes sense that an emotionally charged element like security is used as a component of planning and pricing. I'm just looking to document security as a component of API planning for my research, educate other platforms about the potential for this type of use, but I am also looking to better understand how different companies, in different industries are wielding it (or not).
I predict that security will increasingly be used as a component like this in SaaS and API planning. In the current, very insecure online environment we all are living in, individuals and companies will pay a premium for real or perceived security. My goal is to better discovery when security is wielded like this, and try to better understand when it is a real component of API planning versus when its just used as an emotional way to convince people to upgrade to higher level plans.
