Posts Tagged: access control

Security Points to Consider Before Implementing GraphQL

GraphQL is a very powerful query language that does a great many things right. When implemented properly, GraphQL offers an extremely elegant methodology for data retrieval, more backend stability, and increased query efficiency.

The key here though is that simple phrase — when implemented properly. Read more

Why OAuth 2.0 Is Vital to IoT Security

The internet is fundamentally an unsafe place. For every service, every API, there are users who would love nothing more than to break through the various layers of security you’ve erected.

This is no small concern, either — in the US alone, security breaches cost companies in excess of $445 Billion USD annually. Read more

Review of Approov for Mobile API Security

Unfortunately, the reality of mobile apps is that at some point, someone is going to try to do something they’re not allowed to. Whether this is through brute-forcing keys, spoofing identities, or simply issuing distributed attacks across the application’s server dependencies, the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated. Read more

PSD2 Sanctions Access to Personal Banking Data, Amplifying FinTech Growth

On the European FinTech stage, forthcoming initiatives and regulations will both disrupt and foster innovation in the banking sector of the API economy. The most significant of these is the Payment Services Directive 2 (PSD2), a new regulation that will apply across the European Union and is likely to result in a huge increase in the number of APIs for banking products. Read more

Stemming the Flood – How to Rate Limit an API

If an API is implemented correctly, the number of users utilizing a service can be staggering. Millions of users and devices connect to the internet every day, utilizing APIs to perform calculations, convert media, and even help cure cancer.

The API developer’s dream come true, however, can also be a nightmare. Read more