Best Practices to Secure API Implementations in Core Banking System (CBS) in Banks

Abstract

The use of application programming interfacing (APIs) is showing a world of plausible outcomes for different industries especially financial institutions. APIs are an easy way to integrate applications within and across enterprises. To enable the flow of information between applications, to access customer data, to create innovative products tailored to consumer, market and regulatory needs, our banks are using APIs with Core Banking Solutions (CBS). While they are quick and easy to implement, they can be dangerous if not secured properly, putting the entire bank at risk of exposure to hackers. Therefore, API security should be well-architected, designed and managed, prior to actually starting the development of APIs. There is no proven technique to ensure foolproof APIs, but a well-designed and rightly implemented API can greatly mitigate the security risks and banks can secure the benefits of APIs. The purpose of this study was to investigate and analyze the APIs implementation risks in Core Banking System and recommend the best practices to secure APIs implementation in Core Banking System in Banks.