Blog

Featured image for Data privacy in Open Banking

Data privacy in Open Banking

Data privacy and consent are the quintessential components of customer experience when engaging with a business and yet consumer Personally Identifiable Information (PII) is rarely treated in accordance with established privacy regulations. Consumer data is critical to businesses for understanding how consumers behave, identifying the ways the business can improve and for offering new services...
Read More
Featured image for See you at Open Banking World Congress 2022

See you at Open Banking World Congress 2022

Adoption of Open Banking standards and practices has seen worldwide growth over the last year, with implementation of Open Banking Brazil regulations a key example. Cloudentity is powering authorization and consent for 40% of Brazilian banks that are Open Banking certified in the country, and we're active in the UK, EU, Australian and APAC regions...
Read More
Featured image for eCBSV: new consent-based SSN verification service

eCBSV: new consent-based SSN verification service

Following worldwide trends of governments providing new and better identity and privacy services to consumers and banks, the Social Security Administration (SSA) is implementing a new fee-based Social Security number (SSN) verification service known as Electronic Consent Based Social Security Number Verification (eCBSV). This service follows worldwide privacy directives aligned with Open Banking, requiring data...
Read More
Featured image for Identity Management Day 2022: Are Your Digital Identities Secure?

Identity Management Day 2022: Are Your Digital Identities Secure?

Hosted by the Identity Defined Security Alliance and National Cybersecurity Alliance, Identity Management Day aims to provide education about the dangers of casually or improperly managing and securing digital identities, raising awareness and sharing best practices across the industry.   According to Gartner, APIs are expected to be the most frequent attack vector in 2022, and...
Read More
Featured image for Making Dynamic Authorization an Essential Pillar in Federal Government Zero Trust Architecture Strategies

Making Dynamic Authorization an Essential Pillar in Federal Government Zero Trust Architecture Strategies

Author: Brook Lovatt, Chief Product Officer of Cloudentity The government’s focus on Zero Trust has risen in the past year, as shown by the Biden Administration's May 2021 and January 2022 executive orders and the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model. CISA’s Zero Trust Maturity Model is one of many roadmaps...
Read More
Featured image for Aligning Cloudentity Components with XACML Terminology

Aligning Cloudentity Components with XACML Terminology

Cloudentity is frequently asked how our components and features align with those of the legacy XACML (eXtensible Access Control Markup Language), including Policy Administration Points (PAP), Policy Decision Points (PDP), Policy Information Points (PIP), and Policy Enforcement Points (PEP). In this article, we will describe what the Cloudentity components are and how they align with...
Read More
Featured image for Securing partner API integrations with OAuth mTLS

Securing partner API integrations with OAuth mTLS

Securing partner API integrations with OAuth mTLS API access using token-based architectures is already popular, and the authorization and governance of the minted tokens for access becomes very critical for APIs, which exposes data for partner integrations outside of the organization itself. This is exactly where we can utilize the OAuth mTLS specification along with...
Read More
Featured image for The Perimeter has Disappeared: Why Zero Trust and IAM are Essential to Secure the Modern Enterprise

The Perimeter has Disappeared: Why Zero Trust and IAM are Essential to Secure the Modern Enterprise

In the conventional, on-premises IT infrastructure, organizations worked within the boundaries of their well-defined enterprise network perimeter. In this setting, on-premises security tools like virtual private networks (VPNs) were mostly sufficient to secure users and devices within the perimeter walls. However, with the increase in remote work and cloud computing, organizations are leveraging various apps...
Read More
Featured image for Cloudentity Named Winner in the Globee Awards 18th Annual Cyber Security Global Excellence Awards

Cloudentity Named Winner in the Globee Awards 18th Annual Cyber Security Global Excellence Awards

Cloudentity Named Winner in the Globee Awards 18th Annual Cyber Security Global Excellence Awards We’re excited to share that the Globee Awards have named Cloudentity a winner in the Application Programming Interface (API) Management and Security category in the 18th Annual 2022 Cyber Security Global Excellence Awards. These prestigious global awards recognize cyber security and...
Read More
Featured image for Build a GraphQL client application to consume protected GraphQL API resources

Build a GraphQL client application to consume protected GraphQL API resources

This article is part 3 of our GraphQL application protection series. In this article, we will build a GraphQL client that is capable of invoking GraphQL API calls, obtain authorized access tokens from a Cloudentity authorization server and send the authorization token to underlying GraphQL services. Part 1: Externalized authorization for GraphQL using the Cloudentity...
Read More
Featured image for Protecting GraphQL applications through authorization and consent

Protecting GraphQL applications through authorization and consent

This article is part 2 of our GraphQL application protection series. In this article, we will build a GraphQL API server and protect its resources with externalized policies administered in the Cloudentity Authorization SaaS platform. We will also protect the GraphQL API endpoint data with a local policy enforcement/decision point for the app deployed within...
Read More