Investigating the Cybersecurity Implications of Open Banking and Application Programming Interfaces (APIs) in the Financial Sector

Authors

  • Mohammad Amir Hossain, Union Bank PLC
  • Md. Adil Raza, United International University
  • Jami Yaseer Rahman, BRAC University

DOI:

https://doi.org/10.55927/ministal.v4i1.13370

Keywords:

Investigating, Cybersecurity, Application Programming Interface, Financial Sector

Abstract

Open banking and the use of APIs within the financial industry are improving how financial services are delivered by stimulating innovation, enhancing competition, and providing customer-oriented solutions. That evolution has also brought significant cybersecurity challenges. In this article we focus on the cybersecurity risks of open banking and APIs, including issues such as data breaches and risks from third-party entities. Based on case studies, vulnerability assessments, and interviews with experts, the study highlights key threats and analyzes existing mitigation measures such as secure API development, authentication protocols, and regulatory compliance frameworks. The results highlight the need for strict cybersecurity measures built upon a Zero Trust Architecture, including the use of an API gateway and regular penetration testing, to secure sensitive financial data and safeguard the open banking landscape. This research will assist financial institutions, developers, and regulators in securing next-generation open banking platforms without hindering innovation and risk management.

Published

2025-01-28

How to Cite

Hossain, M. A., Raza, M. A., & Rahman, J. Y. (2025). Investigating the Cybersecurity Implications of Open Banking and Application Programming Interfaces (APIs) in the Financial Sector. Jurnal Ekonomi Dan Bisnis Digital, 4(1), 39–56. https://doi.org/10.55927/ministal.v4i1.13370