4. How secure are APIs?

In the open banking infrastructure, APIs sit between the PSP and the TPP to make sure data can be shared between the two. To ensure banks implement secure API infrastructure by design, account scraping is a banned practice under PSD2. Account scraping is often used by fintechs to gather user data as well as by bots with malicious intent.

It’s therefore vital to work with your eyes wide open here. APIs are becoming an increasingly attractive target for cyber-attacks alongside websites and applications. Establishing a resilient API environment is absolutely crucial to maintaining a truly secure and high-functioning ecosystem in which both interconnected parties are protected.

If an API is exposed, bots can be used to take over accounts, scrape data and prevent the API from servicing users.

APIs have three points of vulnerability – browser, mobile app and the API server – and each must be secured with appropriate mitigation methods.
