Security Analysis of the Open Banking Account and Transaction API Protocol

03/28/2020
by   Abdulaziz Almehrej, et al.
0

To counteract the lack of competition and innovation in the financial services industry, the EU has issued the Second Payment Services Directive (PSD2) encouraging account servicing payment service providers to share data. The UK, similarly to other European countries, has promoted a standard API for data sharing: the Open Banking Standard. We present a formal security analysis of its APIs, focusing on the correctness of the Account and Transaction API protocol. The work relies on a previously proposed methodology, which provided a practical approach to protocol modelling and verification.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset