Open banking is rapidly changing how banks make information available to their customers. It is also accelerating the adoption of application programming interface (API) management tools to industrialize the deployment of public-facing APIs. My colleague Cheryl Chiodi recently wrote about the challenges and opportunities on meeting the directive by member financial organizations (you can read it here: Open Banking - How to Leverage Open APIs for Competitive Advantage in Financial Services). My post extends that discussion, focusing specifically on API security, and in particular the importance of open identity.
Let's take a concrete example: A third-party mobile application has been built that aggregates account balances from three banks into a single view for the customer. Surely the customer does not wish to authenticate themselves three times in order to access their information.
This problem can be addressed by establishing open identity standards so that APIs can be accessed in a federated fashion. Importantly, this allows a customer to authenticate once through an established identity provider (IP). Once the customer is authenticated, relying parties (RPs), such as individual banks, are able to validate the identity without the customer logging in again.
The OpenID Foundation has created OpenID Connect, an interoperable authentication protocol, and the foundation is supported by the open banking directive Cheryl writes about in her recent post, and there is a shared objective by these two organizations to realize a secure mechanism to access bank information across API providers. It is another example where open communities and governance are allowing banks to participate in the wider Digital ecosystem.
Red Hat's 3Scale API management platform supports OpenID Connect as a security policy out of the box. This is an important capability so that a bank can allow its customers to have access to data openly and more securely.
Leading financial organizations that are seeking to maximize their reach with APIs will find that OpenID support can be a critical capability as they adapt their API platforms to support open banking.
Sobre el autor
Eric Marts is a financial services leader at Red Hat. Prior to joining Red Hat, Eric shaped solutions globally in the Retail Banking and Wealth Management business at HSBC. He has more than 20 years of professional experience across both startups and incumbents. He is particularly interested in unlocking new market opportunities and making financial services simpler and more inclusive for customers with cloud technology.
Navegar por canal
Automatización
Las últimas novedades en la automatización de la TI para los equipos, la tecnología y los entornos
Inteligencia artificial
Descubra las actualizaciones en las plataformas que permiten a los clientes ejecutar cargas de trabajo de inteligecia artificial en cualquier lugar
Nube híbrida abierta
Vea como construimos un futuro flexible con la nube híbrida
Seguridad
Vea las últimas novedades sobre cómo reducimos los riesgos en entornos y tecnologías
Edge computing
Conozca las actualizaciones en las plataformas que simplifican las operaciones en el edge
Infraestructura
Vea las últimas novedades sobre la plataforma Linux empresarial líder en el mundo
Aplicaciones
Conozca nuestras soluciones para abordar los desafíos más complejos de las aplicaciones
Programas originales
Vea historias divertidas de creadores y líderes en tecnología empresarial
Productos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servicios de nube
- Ver todos los productos
Herramientas
- Training y Certificación
- Mi cuenta
- Soporte al cliente
- Recursos para desarrolladores
- Busque un partner
- Red Hat Ecosystem Catalog
- Calculador de valor Red Hat
- Documentación
Realice pruebas, compras y ventas
Comunicarse
- Comuníquese con la oficina de ventas
- Comuníquese con el servicio al cliente
- Comuníquese con Red Hat Training
- Redes sociales
Acerca de Red Hat
Somos el proveedor líder a nivel mundial de soluciones empresariales de código abierto, incluyendo Linux, cloud, contenedores y Kubernetes. Ofrecemos soluciones reforzadas, las cuales permiten que las empresas trabajen en distintas plataformas y entornos con facilidad, desde el centro de datos principal hasta el extremo de la red.
Seleccionar idioma
Red Hat legal and privacy links
- Acerca de Red Hat
- Oportunidades de empleo
- Eventos
- Sedes
- Póngase en contacto con Red Hat
- Blog de Red Hat
- Diversidad, igualdad e inclusión
- Cool Stuff Store
- Red Hat Summit