Skip to main content

Certifications

SecureAuth is certified in most of the OIDF-compliant specifications. SecureAuth provides the implementation for all the Open Banking specifications that have been finalized and is an active member and participant of various FAPI working groups. SecureAuth also provides the draft implementation of evolving specifications in this space.

Certified OpenID Provider

SecureAuth - OpenID Provider conformance profiles

  • Basic OP

  • Implicit OP

  • Hybrid OP

  • Config OP

  • Dynamic OP

  • Form Post OP

Certified Financial-grade API (FAPI) OpenID Providers

SecureAuth has achieved certifications for different kinds of Financial-grade API (FAPI) profiles

FAPI 1 Advanced Final

OpenID Provider conformance profiles

  • FAPI Adv. OP w/ MTLS

  • FAPI Adv. OP w/ MTLS, PAR

  • FAPI Adv. OP w/ Private Key

  • FAPI Adv. OP w/ Private Key, PAR

  • FAPI Adv. OP w/ MTLS, JARM

  • FAPI Adv. OP w/ Private Key, JARM

  • FAPI Adv. OP w/ MTLS, PAR, JARM

  • FAPI Adv. OP w/ Private Key, PAR, JARM

UK Open Banking (Based on FAPI 1 Advanced Final)

SecureAuth has achieved certification for the Open Banking UK specifications:

OpenID Provider conformance profiles

  • UK-OB Adv. OP w/ MTLS

  • UK-OB Adv. OP w/ Private Key

Australia CDR (Based on FAPI 1 Advanced Final)

SecureAuth has achieved certification for the Consumer Data Right (CDR) specifications:

OpenID Provider conformance profiles

  • AU-CDR Adv. OP w/ Private Key

  • AU-CDR Adv. OP w/ Private Key, PAR

Brazil Open Banking (Based on FAPI 1 Advanced Final)

SecureAuth has achieved certification for the Open Banking Brazil specifications:

OpenID Provider conformance profiles

  • BR-OB Adv. OP w/ MTLS

  • BR-OB Adv. OP w/ Private Key

  • BR-OB Adv. OP w/ MTLS, PAR

  • BR-OB Adv. OP w/ Private Key, PAR

  • BR-OB Adv. OP w/ MTLS, JARM

  • BR-OB Adv. OP w/ Private Key, JARM

  • BR-OB Adv. OP w/ MTLS, PAR, JARM

  • BR-OB Adv. OP w/ Private Key, PAR, JARM

  • BR-OB Adv. OP DCR

KSA Open Banking (Based on FAPI 1 Advanced Final)

SecureAuth has achieved certification for the Open Banking Saudi Arabia specifications:

OpenID Provider conformance profiles

  • KSA-OB Adv. OP w/ MTLS, PAR

  • KSA-OB Adv. OP w/ Private Key, PAR

Client Initiated Backchannel Authentication Profile (CIBA)

SecureAuth has achieved certification for Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) conformance profiles:

OpenID Provider conformance profiles

  • FAPI-CIBA OP poll w/ MTLS

  • FAPI-CIBA OP poll w/ Private Key

  • FAPI-CIBA OP Ping w/ MTLS

  • FAPI-CIBA OP Ping w/ Private Key

FAPI 2.0

SecureAuth has achieved certifications for different kinds of FAPI 2.0 profiles.

Note

SecureAuth offers an authorization server that meets FAPI-grade requirements. Fintech and mission-critical application workspaces can be tailored to comply with your preferred FAPI specification - FAPI 1.0, FAPI Advanced, or FAPI 2.0. You have the option to modify your existing workspace settings to adhere to FAPI requirements or create a new Fintech and mission-critical applications workspace. When creating a new workspace, simply select the desired FAPI profile to ensure compliance.

FAPI-grade authz server

Please note that FAPI 2.0 is still in the draft phase, but certification is possible with the Implementers Draft FAPI 2.0 specification. Be aware that until FAPI 2.0 becomes final, we do not assume responsibility for FAPI 2.0 workspace settings, and we may introduce breaking changes as the FAPI 2.0 specification is refined.

FAPI 2.0 Security Profile

SecureAuth is compliant with FAPI 2.0 Security Profile Second Implementer’s Draft profile.

OpenID Provider conformance profiles

  • FAPI2SP MTLS + MTLS

  • FAPI2SP private key + MTLS

  • FAPI2SP OpenID Connect

FAPI 2.0 Message Signing

SecureAuth is compliant with FAPI 2.0 Message Signing First Implementer’s Draft profile.

OpenID Provider conformance profiles

  • FAPI2MS JAR

  • FAPI2MS JARM

Australia FAPI 2.0 ConnectId Implementer’s Draft

SecureAuth is compliant with Australia FAPI 2.0 ConnectId profile.

OpenID Provider conformance profiles

  • FAPI2MS with ConnectId support

Financial Data Exchange

Financial Data Exchange - 5.2

FDX API significantly increases market standardization of financial data sharing around consent, user control and consumer dashboards, and aligns with other global standards like the Open ID Foundation’s Financial-grade API (FAPI) security standard and the insurance industry’s ACORD annuity standards to promote greater interoperability and industry adoption. There is no certification suite available yet.

SecureAuth is one of the initial vendors to declare SaaS support for FDX 5.2 security profile that includes user consent.

In this section: