Home
World Journal of Advanced Engineering Technology and Sciences
International, Peer reviewed, Referred, Open access | ISSN Approved Journal

Main navigation

  • Home
    • Journal Information
    • Abstracting and Indexing
    • Editorial Board Members
    • Reviewer Panel
    • Journal Policies
    • WJAETS CrossMark Policy
    • Publication Ethics
    • Instructions for Authors
    • Article processing fee
    • Track Manuscript Status
    • Get Publication Certificate
    • Issue in Progress
    • Current Issue
    • Past Issues
    • Become a Reviewer panel member
    • Join as Editorial Board Member
  • Contact us
  • Downloads

ISSN: 2582-8266 (Online)  || UGC Compliant Journal || Google Indexed || Impact Factor: 9.48 || Crossref DOI

Fast Publication within 2 days || Low Article Processing charges || Peer reviewed and Referred Journal

Research and review articles are invited for publication in Volume 18, Issue 2 (February 2026).... Submit articles

Securing API Ecosystems in Digital Banking Transformation

Breadcrumb

  • Home
  • Securing API Ecosystems in Digital Banking Transformation

Ashish Hota *

Department of Business Administration – IT Management, Western Governors University, United States of America.

Review Article
 
World Journal of Advanced Engineering Technology and Sciences, 2022, 07(02), 371-378.
Article DOI: 10.30574/wjaets.2022.7.2.0126
DOI url: https://doi.org/10.30574/wjaets.2022.7.2.0126

Received on 28 September 2022; revised on 19 November 2022; accepted on 28 November 2022

Modern banking—including open banking and digital car loan platforms—relies on interconnected APIs across banks, fintech’s, identity providers, credit bureaus, dealerships, and customers. Such ecosystems enable innovation (e.g., real time financial data sharing, streamlined loan origination), but also expand exposure to threats like broken authentication, authorization misconfigurations (e.g., IDOR), injection attacks, data leakage, replay attacks, DoS, and more.
Profiles emerging threats across open banking and digital car loan APIs.
Presents technical mitigations using OAuth 2.0, OpenID Connect, PKCE, and API Gateways.
Offers a refined secure architecture combining gateways, JWT handling, MTLS, RBAC/ABAC, WAFs, encryption, and monitoring.
Demonstrates how to secure a car loan API flow—from login to loan issuance—with NFT style nonces, token binding, scope enforcement, and logging.
Reviews operations practices: DevSecOps, auditing, incident response, and regulatory compliance.
Explores future innovations: DPoP (proof-of-possession), OAuth 2.1 updates, token binding, AI-driven threat detection, SSI, and standards-based API governance.

API Security; Open Banking; OAuth 2.0; OpenID Connect (OIDC); API Gateway; Digital Transformation; Car Loan API Security; API Threat Landscape; Token Binding; PKCE; Mutual TLS; Secure API Architecture; API Vulnerability Mitigation; Zero Trust API Security; DevSecOps for APIs

https://wjaets.com/sites/default/files/fulltext_pdf/WJAETS-2022-0126.pdf

Get Your e Certificate of Publication using below link

Download Certificate

Preview Article PDF

Ashish Hota. Securing API Ecosystems in Digital Banking Transformation. World Journal of Advanced Engineering Technology and Sciences, 2022, 07(02), 371-378. Article DOI: https://doi.org/10.30574/wjaets.2022.7.2.0126 

Get Certificates

Get Publication Certificate

Download LoA

Check Corssref DOI details

Issue details

Issue Cover Page

Editorial Board

Table of content

Copyright © Author(s). All rights reserved. This article is published under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, sharing, adaptation, distribution, and reproduction in any medium or format, as long as appropriate credit is given to the original author(s) and source, a link to the license is provided, and any changes made are indicated.

Copyright © 2026 World Journal of Advanced Engineering Technology and Sciences

Developed & Designed by VS Infosolution