Home
The Common API specifications focus on the respective business logic. For TPPs and FIs to implement these APIs in a standardized way, the secure implementation must be standardized too. This repo therefore describes all overarching security topics, with a focus on access control, which includes:
- Consent Management
- Strong Customer Authentication (SCA)
The OpenID Foundation's FAPI Working Group already covers the baseline for secure implementations in the context of FIs. It consists of well-established standards and recommendations. The secure implementation of Common API use cases builds upon the basic API security principles and the FAPI 2.0 security profile. Swiss market-related specifics are covered in the FAPI 2.0 Swiss Profile. The following figure gives an overview of this repository.
Please use the menu to the right to navigate through the available content.
SFTI | ca-security
Wiki
API Security & Consent Management
- Foundations and assumptions
- Basic API Security Principles
- FAPI 2.0 Swiss Security Profile
- Consent Management
- Implementation example Multibanking
- Strong Customer Authentication (SCA)
- Glossary and terminology
Version Management
Implementation Guidelines