SFTI’s “Common API” working group publishes a white paper providing insight into the handling of cyber security risks around open API’s.

Implementing a consistent cyber security strategy has become an important element for sucess in banking today. Even more so given implementations of ecosystems and opening of API’s to third party providers and other banks. The clients trust in financial institutions to keep their data save, secure and confidential is a valuable commodity.

For that matter, the SFTI working group “Common API” has taken a step back and performed a risk assessment and thread modelling with focus on Open API’s. The relevant threat scenarios have been identified and recommendations for mitigation actions developed and documented.

The now published white paper can be utilized by financial institutions as guidance to a secure implementation of open API’s.

The white paper can be downloaded here.