API Days Berlin 2017 Presentation

Here is the slide I used for APIDays Berlin 2017: Banking APIs and PSD2 — The finish line for PSD2 and Open Banking. A couple of questions came around, which I did not do a really good job of answering. Here are clearer answers: Q.1 What does protecting ‘code’ and ‘state’ mean? A.1 In RFC6749, what is being returned from […]

Fixing OAuth?

On the 14th and 15th of July, we had the OAuth Security Workshop 2016 at the University of Trier. Further, we had a IETF 96 side meeting on OAuth security at 18:20 in the beautiful Café am Neuen See to further discuss it. Below is the summery of what I got as the take  away of these meetings. […]