blockisthenewchain.com
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
  • Login
No Result
View All Result
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
No Result
View All Result
blockisthenewchain.com
No Result
View All Result
Home Cybersecurity

Open Banking Innovation: The Race Between Developers and Cybercriminals

With the widespread use of open banking, it opens up new possibilities for cybercriminals to plan attacks. So what makes open banking so vulnerable?

BlockIsTheNewChain by BlockIsTheNewChain
August 3, 2022
in Cybersecurity
531 5
0
banking Hack
36
SHARES
1.8k
VIEWS
Share on TwitterShare on LinkedinShare on FacebookShare on Telegram

Cybercriminals – Karl Mattson, Chief Information Security Officer, Noname Security: The Open Banking initiative is designed to enable the community of developers and fintech companies to innovate and meet new financial services needs. Open Banking APIs handle everything from account status to fund transfers, to password changes and account services. Cyber ​​attackers with access to these services would also gain access to these capabilities and sensitive customer data. Customer, account and payment data requires greater precision to ensure transaction integrity and data security.

As open API development accelerates, so does the security risk. Even well-governed, highly secure businesses are under enormous pressure to keep up with the pace of change and respond to API threats.

Additionally, many enterprises employ third-party API code shared by multiple customers, which may contain vulnerabilities. Research shows that third-party API code presents a significant opportunity for cyberattackers to reuse cyberattacks targeting third-party code across multiple enterprises.

In addition to the open banking that drives API usage, APIs have become the de facto standard for modern application development, with businesses often deploying thousands of APIs for a variety of purposes. Each connection point between these APIs represents a potential attack vector. Faced with such a massively expanded attack surface, many businesses, especially small ones, struggle to protect them due to a lack of resources.

Why are APIs in open banking a common target for cybercriminals?

Mattson: Cybercriminals will target APIs in open banking because they have direct access to funds. Combined with the trend for API attacks to be one of the most common and effective forms of cyberattack today, this means that open banking APIs face particular risks.

While installing API security precautions enables integration between banking apps and fintech companies, these numerous touchpoints are also places for vulnerable code exploited by cybercriminals. So it’s no surprise that cybercriminals are empowered to target open banking APIs, as APIs are often insecure, as has been seen recently, and the reward for successfully cracking them is an immediate gain.

What can financial services institutions do to improve API security?

Mattson: The first step is to get a full inventory of all APIs, including data classification and configuration details, to provide a holistic view of the environment. One of the main challenges associated with securing APIs these days is that most businesses have thousands of APIs they don’t know about – these are called shadow APIs. Existing infrastructure such as API gateways and WAFs cannot address API risk when not in use. For high-risk open banking APIs, the margin of error is zero.

With a view of the state and configuration of all APIs, businesses can prioritize the highest risks. This starts with identifying runtime exceptions, or abuse attempts observed in the process. APIs are well suited for behavioral analysis models to identify anomalies in each API.

Next, configurations and vulnerabilities should be identified upstream for rapid resolution by network and application teams – reducing the risk of API exposure through firewall changes, API policy enforcement, and other applied techniques.

The final step is to actively test the API to verify integrity before and after deployment to production, especially as the environment evolves through regular code shipments or continuous integration/continuous delivery (CI/CD) deployments.

Can consumers trust open banking? What should they look out for?

Mattson: Consumers benefit from open banking by opening up new services and benefits to meet their financial needs. However, consumers are at a distinct disadvantage in understanding how to assess the risk of their personal information. For example, bank customers may have little insight or control over how their financial institution provides these services on the back end.

Likewise, there are few data points consumers need to consider when assessing whether a new fintech service offering is truly safe. Consumers still rely heavily on financial industry regulators for quality oversight and as gatekeepers for responsible risk management and data protection.

How to embrace innovation while ensuring safety?

Mattson: Open banking innovation is less secure than traditional models – but it does significantly speed up the pace of change. Even though the API itself can be highly secure, changing environments can be prone to bugs and human or technical errors. Cybercriminals do take notice.

The proliferation of APIs makes it difficult for security teams to effectively observe and adequately address these issues. Rapid innovation forces developers to potentially give up security in their quest to deliver software faster. Keeping up with the need to innovate has become a race between developers and cybercriminals, which in itself creates problems.

Tags: Application SecuritybankingCybercriminalsHacker-Attack-and-DefenseVulnerability

Related Posts

edge computing
Corporate Security

How important is Edge Computing Security?

by BlockIsTheNewChain
October 12, 2022

Edge computing is revolutionizing the way business operates. This has sparked a massive uptake of edge computing products and services. Research predicts...

Read more
Enhance Smart Cybersecurity

Three Cognitive Technologies to Enhance Smart Cybersecurity

October 7, 2022
phishing_result

An 11-fold increase in phishing attacks exploiting SaaS platforms

September 4, 2022
phishing attacks exploiting saas

A Simple Guide to Manually Renewing an SSL Certificate

September 4, 2022
Protecting Your WordPress Site

6 Tips for Protecting Your WordPress Site

September 4, 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

  • Vulnerability Scanning

    The most popular Web vulnerability scanning tools

    36 shares
    Share 14 Tweet 9
  • Excellent blockchain API for developers

    29 shares
    Share 12 Tweet 7
  • 6 ways the hacker group Anonymous is waging cyber-war against Russia

    31 shares
    Share 12 Tweet 8
  • How important is Edge Computing Security?

    29 shares
    Share 12 Tweet 7
  • Blockchain Basics – What is Blockchain Technology

    28 shares
    Share 11 Tweet 7

  • About
  • terms-and-conditions
  • Privacy & Policy
  • Contact

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

No Result
View All Result
  • Home
  • Cybersecurity
  • Hacking stories
  • News
  • Blockchain
  • Startups

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

Welcome Back!

Sign In with Facebook
Sign In with Google
OR

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.