Ping Identity, the leader in Identity Defined Security, today announced its successful completion of the Financial-grade API (FAPI) conformance testing, as part of the process defined by Open Banking Ltd. This builds on Ping Identity’s previous success as the first identity platform to pass all 70 technical security tests, as set by Open Banking Ltd., with zero warnings.
Now FAPI Approved
The most recent set of FAPI conformance testing evaluated the latest versions of the Ping Intelligent Identity™ platform, including PingFederate, PingAccess and PingDirectory, within a mock banking environment. The inclusion of FAPI within the Ping Identity solution for Open Banking helps allow banks to overcome insecure practices such as screen scraping by using stored user credentials. Instead, it switches to an API model with structured data that utilises a token model such as Open Authorization.
FAPI is a technical specification developed as a multi-industry standard by the FAPI Working Group of OpenID Foundation (OIDF). It leverages OAuth 2.0 and OpenID Connect (OIDC) to define additional technical requirements for the financial industry and other sectors requiring higher security. For banks specifically, FAPI provides various advantages. This includes enabling applications to securely interact with financial accounts, while also enhancing the user’s ability to control security and privacy settings. In concurrence with the specification, OpenID Foundation maintains a cloud-based testing suite for conformance testing by banks, certified third-party security providers and platform vendors—such as Ping Identity.
Customer Deployments Take Off
The Ping Intelligent Identity™ platform is used by hundreds of financial services enterprises, including many of the CMA 9 and Open Banking Ltd. itself. Additionally, FAPI is of increasing relevance to the growing number of new fintech start-ups in areas such as investment, wealth management, insurance, payments and even real estate.
“This is significant beyond the Open Banking and financial services sector,” explains Rob Otto, EMEA Field CTO, Ping Identity. “Other digitally-focused sectors, with similar secure identity requirements, now have a proven template that can allow them to quickly deploy their own security controls, which have been stringently tested by the largest financial institutions in the UK.”
Click here to learn about the full scope of the Open Banking Ltd. conformance testing and details supporting the Ping Identity implementation. To learn more about technology solutions for Open Banking and PSD2, visit www.pingidentity.com/psd2.
About Ping Identity
Ping Identity envisions a digital world powered by intelligent identity. We help enterprises achieve Zero Trust identity-defined security and more personalized, streamlined user experiences. The Ping Intelligent Identity™ platform provides customers, employees and partners with access to cloud, mobile, SaaS and on-premises applications and APIs, while also managing identity and profile data at scale. Over half of the Fortune 100 choose us for our identity expertise, open standards leadership, and partnership with companies including Microsoft, Amazon and Google. We provide flexible options to extend hybrid IT environments and accelerate digital business initiatives with multi-factor authentication, single sign-on, access management, intelligent API security, directory and data governance capabilities. Visit www.pingidentity.com.