API Security

This section includes the Security Standards Documents and all the Related Materials created for the CBUAE Project.

The Security Standards include the following documents :

Security Profile - FAPI : Defines the ways that an accredited institution (Data Receiver) can use to authenticate itself to access protected resource endpoints from the Data Provider, as well as receive authorization from a customer to access their personal data.
Registration Framework : Defines the technical ways for the participating institutions to register their organizations by leveraging a trust framework. Defines how participants can confirm the identity of other participating institutions and what access scope they have within the ecosystem.
Certificate Standard : Specifies the set of necessary certificates required by organizations participating in Open Finance UAE to ensure the interoperability for authentication, confidentiality of data, integrity and non-repudiation among participants, as well as for users and consumers of these entities.