Blog authored by Mark Haine.The OpenID Foundation submitted comments to the CFPB on the recent Open Banking rule 1033 on Friday, December 29, 2023. The cover note to the CFPB is provided in full below, and the detailed comments can be viewed here. We are proud to support the CFPB in their due diligence on this| OpenID Foundation - Helping people assert their identity wherever they choose
We introduce open banking and cover state-of-the-art bank-grade security standards to ensure banking APIs meet the latest regulations and compliances.| Nordic APIs
Most technologists understand the benefits of open banking, however, end users are struggling to see the point. How can we evangelize to these consumers?| Nordic APIs
What is OpenID Connect? In this post we go back to basics and take a look at what OpenID Connect was designed to solve and how it accomplishes it.| Nordic APIs
In this post we’ll look at a suite of standards that focus on improving API security: The Financial-grade API (FAPI) Profile.| Nordic APIs
The changes being engineered by the FAPI Working Group have brought about a new version of the standards, namely FAPI 2.0. In this post, we outline what’s new and uncover why FAPI 2.0 is an improvement on what’s gone before.| Nordic APIs
Financial-grade security is not just for banks. Here are the tips and standards required to bring financial-grade security to any scenario.| Nordic APIs
The OIDF FAPI Working Group recommends approval of FAPI 2.0 Security Profile and FAPI 2.0 Attacker Model as Final Specifications.| OpenID Foundation - Helping people assert their identity wherever they choose
The most flexible and standards-compliant OpenID Connect and OAuth 2.0 framework for ASP.NET Core.| docs.duendesoftware.com
In the first two articles, we discussed how to design your system in order to build strong access control. We looked at how you can strike the right balance in terms of what information is associated with your access token, and we looked at balancing identity and local permissions. This article will take a look at how to configure a client in order to get a token, and how we handle sessions.| securityblog.omegapoint.se
As independent security consultants we have had the opportunity and privilege to help our customers selecting and implementing a plethora of different solutions.In this article we aim to share with you some of the key factors to consider when selecting the right IdP solution for you, a central part of your architecture and IAM solution.| securityblog.omegapoint.se