Search

Guidance to the CFPB regarding US Open Banking

A slide summarizing the key benefits of the FAPI family of specifications: security, interoperability, privacy, competition.

Authors: Gail Hodges, Joseph Heenan, Dima Postnikov, Mark Haine, Mike Leszcz, Elizabeth Garber  Following our May 16 open letter to the Consumer Financial Protection Bureau, the OpenID Foundation has been engaged in discussions about their rule-making on Personal Financial Data Rights. This post summarizes our guidance to the CFPB. Why are we engaged? The OpenID […]

Second Implementer’s Draft of Grant Management for OAuth 2.0 Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Implementer’s Draft: Grant Management for OAuth 2.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the first Implementer’s Draft of this specification. The Implementer’s Draft is available […]

OpenID Foundation Announces FAPI-RW App2app Certification Launched

Global interoperability, a common cause among many national and industry groups, seems especially urgent these days, especially in matters of security. Interop requires open standards, a “best idea wins” debate among experts and patience, lots of patience. The Financial-Grade API Working Group has a singular focus on developing its security profile as a complementary component […]

Notice of Vote for Proposed FAPI 2.0 Message Signing Implementer’s Draft

The official voting period will be between Tuesday, May 9, 2023 and Tuesday, May 16, 2023, once the 45-day review of the specification has been completed. For the convenience of members, voting will actually open on Tuesday, May 2, 2023 for members who have completed their reviews by then, with the voting period still ending […]

Public Review Period for Proposed FAPI 2.0 Message Signing Implementer’s Draft

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specification as an OpenID Implementer’s Draft: FAPI 2.0 Message Signing This would be the first Implementer’s Draft of this specification. An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the […]

Second Implementer’s Drafts of Two FAPI 2.0 Specifications Approved

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. These are the second FAPI 2.0 Implementer’s Drafts. The Implementer’s Drafts are […]

Notice of Vote for Proposed Second Implementer’s Drafts of Two FAPI 2.0 Specifications

Voting will begin on Monday, January 9, 2023 and end on Monday, January 23, 2023, now that the 45-day review of the specifications has been completed. The Financial-grade API (FAPI) working group page is https://openid.net/wg/fapi/. If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval […]

Public Review Period for Two Proposed FAPI 2.0 Second Implementer’s Drafts

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Security Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification […]

JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) is now a Final Specification

The OpenID Foundation membership has approved the following Financial-grade API (FAPI) specification as an OpenID Final Specification: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. The Final Specification is available at: https://openid.net/specs/oauth-v2-jarm-final.html The voting results […]