The Banking Security Stack
Banks are recognizing the increased security risks that APIs bring and
the new threat surface layer that can be exploited. Banks are instituting
a range of security protocols and are considering more, all recognizing
that one solution will not be enough.
HTTPS encryption
Currently in place (N=55) Considering (N=50)
Endpoint provisioning
2 factor authentication
OAuth1.a
ActiveDirectory authentication
mTAN
Tokens
Private/custom authentication
Basic authentication
User Managed Access
RSA tokens
Fido alliance
OAuth2
Biometric/fingerprint hash detectors
SSO
2 device authentication
Multifactor authentication
Selfies
OpenID Connect
Curl
OpenFin
Other
0 10 20 40 30 50
42
40
38
37
29
23
18
15
14
13
11
9
7
6
6
3
3
2
2
1
18
10
25
23
5
5
5
8
22
17
9
1
16
4
7
11
3
6
5
1
3
API Security measures
22
State of the Market report 2018
