Unfortunately, the reality of mobile apps is that at some point, someone is going to try to do something they’re not allowed to. Whether this is through brute-forcing keys, spoofing identities, or simply issuing distributed attacks across the application’s server dependencies, the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated. Read more
Posts Tagged: access control
On the European FinTech stage, forthcoming initiatives and regulations will both disrupt and foster innovation in the banking sector of the API economy. The most significant of these is the Payment Services Directive 2 (PSD2), a new regulation that will apply across the European Union and is likely to result in a huge increase in the number of APIs for banking products. Read more
If an API is implemented correctly, the number of users utilizing a service can be staggering. Millions of users and devices connect to the internet every day, utilizing APIs to perform calculations, convert media, and even help cure cancer.
The API developer’s dream come true, however, can also be a nightmare. Read more
In an age where thousands of devices interact with microservices and API-driven servers, an API gateway can act as a single entry point to internal architecture — a popular choice for developers as it increases security, improves user experience, and helps ecosystems thrive. Read more
Little details like tokens can sometimes help structure complex API architectures. In this piece we’re going to have a look at different architectures, and ultimately see how a better way to design tokens can lead to a more performant result.
Consider the role of tokens within two facets of API design, access control and data stability. Read more