Investigating the Cybersecurity Implications of Open Banking and Application Programming Interfaces (APIs) in the Financial Sector
DOI: https://doi.org/10.55927/ministal.v4i1.13370
Keywords: Investigating, Cybersecurity, Application Programming Interface, Financial Sector
Abstract
Open banking and the use of APIs within the financial industry are improving how financial services are delivered by stimulating innovation, enhancing competition, and providing customer-oriented solutions. That evolution has also brought significant cybersecurity challenges. This article focuses on the cybersecurity risks of open banking and APIs, including data breaches and risks from third-party entities. Based on case studies, vulnerability assessments, and interviews with experts, the study highlights key threats and analyzes existing mitigation measures such as secure API development, authentication protocols, and regulatory compliance frameworks. The results highlight the need for strict cybersecurity measures built upon a Zero Trust Architecture, including the use of an API gateway and regular penetration testing, to secure sensitive financial data and safeguard the open banking landscape. The results of this research will assist financial institutions, developers, and regulators in securing next-generation open banking platforms without hindering innovation and risk management.
Copyright (c) 2025 Mohammad Amir Hossain, Md. Adil Raza, Jami Yaseer Rahman

This work is licensed under a Creative Commons Attribution 4.0 International License.