[Openid-specs-fapi] I will be speaking at APIDays Berlin: Banking APIs and PSD2

Dave Tonge dave.tonge at momentumft.co.uk
Wed Nov 8 07:24:42 UTC 2017


Hi Nat

Great news - the points look good.
I suggest adding:
 - Major IAM vendors are implementing it
 - Write profile requires proof of possession tokens
 - TLS Mutual Auth supported for client authentication and token proof of
possession

Hope it goes well.

Dave


On 7 November 2017 at 15:33, Nat Sakimura via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net> wrote:

> Dear all:
>
> Apparently, I will be speaking at
>
> APIDays Banking APIs and PSD2
> The finish line for PSD2 and Open Banking
>
> It will be on the afternoon of Nov. 8 Berlin Time.
>
> I am scrambling to create my slides now. Any suggestion welcome.
>
> Some of the points that I am thinking of presenting are:
>
> - FAPI Security Profile is a general purpose higher security API
> protection mechanism based on OAuth framework.
> - It has been adopted by Open Banking UK etc.
> - It is complete with source, destination, and message authentication.
> - We issued implementers drafts for redirect based profile.
> - We are now working on a decoupled profile.
> - We do not know how on earth the embedded mode can be secure.
>     --> Come to the WG if you know how to.
>        --> Oh, btw, it will then be patent license free.
> - 9 biggest UK banks are implementing it and will be live on Jan. 13, 2018.
>
> Best,
>
> --
> Nat Sakimura
> Research Fellow, Nomura Research Institute
> Chairman of the Board, OpenID Foundation
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>



-- 
Dave Tonge
CTO
[image: Moneyhub Enterprise]
<http://www.google.com/url?q=http%3A%2F%2Fmoneyhubenterprise.com%2F&sa=D&sntz=1&usg=AFQjCNGUnR5opJv5S1uZOVg8aISwPKAv3A>
10 Temple Back, Bristol, BS1 6FL
t: +44 (0)117 280 5120

Moneyhub Enterprise is a trading style of Momentum Financial Technology
Limited which is authorised and regulated by the Financial Conduct
Authority ("FCA"). Momentum Financial Technology is entered on the
Financial Services Register (FRN 561538) at fca.org.uk/register. Momentum
Financial Technology is registered in England & Wales, company registration
number 06909772 © . Momentum Financial Technology Limited 2016. DISCLAIMER:
This email (including any attachments) is subject to copyright, and the
information in it is confidential. Use of this email or of any information
in it other than by the addressee is unauthorised and unlawful. Whilst
reasonable efforts are made to ensure that any attachments are virus-free,
it is the recipient's sole responsibility to scan all attachments for
viruses. All calls and emails to and from this company may be monitored and
recorded for legitimate purposes relating to this company's business. Any
opinions expressed in this email (or in any attachments) are those of the
author and do not necessarily represent the opinions of Momentum Financial
Technology Limited or of any other group company.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20171108/379e0bda/attachment.html>


More information about the Openid-specs-fapi mailing list