OAuth, FAPI, and Security for Open Finance

Financial institutions can use the SecureAuth CIAM Platform to gain immediate compliance with Open Finance security profiles.

SecureAuth comes with pre-configured, jurisdiction-specific Open Banking profiles that can be applied immediately and make your solution compliant with the relevant security profile. The key elements of a profile are:

  • We deliver fine-grained authorization (consent) capabilities, which means that customers have direct control over the data they share. For example, consent can be limited to one of a customer's many accounts.

  • SecureAuth provides FAPI-compliant authorization servers that can be set to a profile compliant with a specific Open Banking directive. Your developers, fintech companies, and partners can use them to register their applications, issue tokens for service consumption, and more.

  • SecureAuth authorization servers support various OAuth and OIDC authorization grant types and client authentication methods.

  • We can leverage the authentication factors your financial institution already uses to fulfill the Strong Customer Authentication requirement that some of the directives impose.

  • SecureAuth comes with a built-in policy engine responsible for enforcing authorization policies at the application and request levels.

  • You get two types of authorization policies: SecureAuth policies with a built-in UI editor and OPA policies written in the Rego language.

  • You can integrate major API gateways and service meshes using our Authorizers to discover your APIs within the SecureAuth platform and enforce all access control measures for them.

  • Use the SecureAuth multi-tenancy model to spin up multiple authorization servers. If your bank has branches in multiple countries and needs to follow different directives, this is the way to go! Additionally, you can have different tenants for development, testing, and production environments.

  • We provide a developer portal that allows developers to register and manage their client applications. Additionally, applications can be dynamically registered using SecureAuth APIs compliant with various OB reforms.