SOA Software has announced new security features to enable advanced identity management and authentication as well as threat protection as part of their API Gateway service. Speaking with ProgrammableWeb, VP of Marketing Sachin Agarwal said the new suite of security features “is an extremely big release for us.”
When it comes to security in the age of the Internet of Things (IoT) it’s clear that the convergence of both digital and physical paradigms in going to be required. At the South by Southwest conference next month Brivo Labs will release APIs designed to allow developers to achieve that goal.
ProgrammableWeb first covered Point.io last year when the Point.io API was released. The original API gave mobile apps access to data from multiple cloud storage providers. Point.io has expanded its single point of access approach with the release of APIdoc. APIdoc provides a single API that grants any application access to data that resides in a public cloud, private cloud, behind a firewall, or elsewhere. While providing seamless access to multiple data repositories, APIdoc ensures security for compliance and auditing purposes.
Facebook has released Conceal, a set of Java APIs for fast encryption and data authentication. Conceal was developed to encrypt large data files (e.g., SD cards) on Android. With the release, Facebook targets older Android devices with less memory and slower processors. Facebook currently deploys Conceal to help protect users’ private data and is now launching its functionality to the developer community.
As part of an evolving mobile cloud services strategy Oracle envisions a world where developers will be able to shop for APIs in the equivalent of an online store. According to Suhas Uliyar, vice president of mobile strategy product management for Oracle, the initial focus of the Oracle Mobile Cloud Service platform is to allow internal IT organizations to set up their own backed-as-a-service (BaaS) capabilities to integrate mobile computing applications with a variety of backend systems running on Oracle software.
E-HAWK, cyber intelligence provider focused on combating fraudulent sign ups, has released the Vetting API Connector. The API automates the various vetting tools E-HAWK has deployed to analyze sign ups to determine the risk of fraud. The technology analyzes risk by vetting IP address, email, phone number, location, device and more. Based on risk levels, companies utilizing E-HAWK tools can set automatic responses to fraudulent activity.
The benefits of a well-designed, well-implemented, easily integated API are well known: happier developers, higher usage and, hopefully, greater profit as a result. While many high-level best practices for developing a great API have been established, a failure to pay close attention to small details, such as parameter defaults, can create big headaches.
There’s no shortage of controversy when it comes to healthcare these days, but from a developer perspective, the increased usage of electronic medical records (EMR) represents a potential boon. The challenge is that a lot of those records are locked up in proprietary systems that for the most part are fairly inaccessible.
Signifyd, ecommerce fraud prevention service, allows developers to integrate the service with third party ecommerce platforms through the Signifyd API. The Signifyd service uses a number of data points, and allows users to give greater importance to certain points depending on need, to develop a risk score and develop a fraud assessment. From social media activities, to bank data, Signifyd takes a holistic approach to fraud prevention.
It seems at every API conference, there is a new feature being released by the team at OAuth.io. In October, at API Strategy and Practice in San Francisco, OAuth.io released a mobile SDK. Now after APIDays in Paris, OAuth.io has released a ‘code request’ feature to abstract usage tokens in the authentication process. Co-Founder Mehdi Medjaoui spoke with ProgrammableWeb about the service that provides a unified API for any OAuth implementation.