API Economy: How to Build Secure Business on Platform

API Economy: How to Build Secure Business on Platform
July 12 11:33 2017 Print This Article

According to IT research agency International Data Corporation (IDC), the global Internet of Things (IoT) market will reach $7.1 trillion by 2020. The development of IoT area requires the correspondent growth of Application Programming Interface (API) as a mean of communication between different programs, platforms and applications. While IoT integration is possible due to APIs.

Being a set of system modules, API enables the delivery of new products without its actual development. API gives all necessary basis for integration with external providers of various services. Besides, it is important for GUI (Graphical user Interface) customization. Such large corporations as Amazon Web Services, Facebook, Google and Twitter have their APIs available for third-party providers.

IoT together with APIs has given the possibility for new business channels to appear. Newly created digital society leads to merging the real physical word and the virtual one. We already live in API economy where companies build their business models and strategies based on API and IoT technologies trends.

The API economy turns companies, organizations and businesses into platform. Rather a good example is Uber – a company that builds its business on the platform. Through API, the application connects drivers and passengers using Google Maps.

In order to turn the business to platform, the company needs three main things: digital business models, business model platforms and business ecosystems. But the actual shift starts from changing company’s culture and internal organization of working processes.

Recommendations to turn business into platform

  • The core attribute of every business built on platform is openness with the team, customers and users.
    A bimodal approach – dividing of management into Front Office and Back Office systems – ensures the proper launch of business model platform and creation of the ecosystem.
  • To turn business into platform requires new technology assets and accordingly assets management system to catalogue, process and track various data and algorithms.
  • Business model platforms should be oriented to organizational structure and not to product. Business opportunities provided by API bring major value.
  • Risk management and system security should be essential aspects of every business, especially for business turning into platform.
  • Security is an essential attribute for APIs because there is a number of security holes.

Being fully focused on functional and features, developers may accidentally open the door to corporate and customers data. API requires specialists to think outside the box as hackers do. In order to protect APIs, vendors keep to the standard – Internet Engineering Task Force’s OAuth. However, the standard is based on HTTP that has own flaws.

APIs are rather complex systems and they support a big number of connections. Besides that, new software is released ASAP. So, it is quite difficult to write secure code. According to data provided by the researchers of the University of Virginia, 67% of applications available in App Store have security vulnerabilities – customer’s credentials can be stolen.

Add-ons available for APIs hide more threats. For example, social networks and mobile solutions allow third-party service providers to add functionality to the basic system. In such a case, developers get access privileges and are able to manage system admin functionality. This causes new vulnerabilities.

To protect the system, developers follow a multi-pronged approach – the procedures of authentication and authorization are multistep and include biometric solutions, e.g. fingerprints. Also, during security testing, the main focus is on front-end but back-end hides many security holes too.

The development of new functionality requires spending 5-10% of total project budget on security testing in order to avoid huge losses in future.

Related Posts:

About Article Author

view more articles
Helen Johnson
Helen Johnson

has 3-year experince in content managing, skills of copyediting and proofreading of web content and documentation

View More Articles

0 Comments

write a comment

Add a Comment

Your data will be safe! Your e-mail address will not be published. Also other data will not be shared with third person.
All fields are required.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.