Guidance to the CFPB regarding US Open Banking
Authors: Gail Hodges, Joseph Heenan, Dima Postnikov, Mark Haine, Mike Leszcz, Elizabeth Garber Following our May 16 open letter to the Consumer Financial Protection Bureau, the OpenID Foundation has been engaged in discussions about their rule-making on Personal Financial Data Rights. This post summarizes our guidance to the CFPB. Why are we engaged? The OpenID […]
Public Review Period for “Financial API – Part 2: Read and Write API Security Profile” Started
OpenID Foundation’s Financial API (FAPI) Working Group recommends approval of the following specification as OpenID Implementer’s Draft: Financial API – Part 2: Read and Write API Security Profile, draft 02 This document is a Part 2 of a set of documents that specifies a Financial API. It provides a profile of OAuth that is suitable […]
Public Review Period for “Financial API – Part 1: Read Only API Security Profile” Started
OpenID Foundation’s Financial API (FAPI) Working Group has advised the foundation to start the public review period for consideration as an Implementer’s Draft for the specification: Financial API – Part 1: Read Only API Security Profile, draft 01 It is a specification that documents the security profiles of OAuth 2.0 and OpenID Connect to be used […]
Introducing RISC: Working together to protect users
According to a recent Gallup poll, more people are worried about their online accounts being hacked than having their home broken into.With more and more of our digital lives accessible online, attackers are redoubling efforts to steal our personal information, and increasingly exploiting the interconnectedness of web services and apps to “leapfrog” from one account […]
Industry Leaders Lead: Google Asks Developers to Migrate from OpenID 2.0 to OpenID Connect
In 2015, waves of disruption are coursing through the Internet identity ecosystem as standard development organizations, companies and governments look to bolster the security and privacy of the information they are charged with protecting. Implementing the latest open standards is one of the many practical steps identity providers and relying parties can take now to […]