BBVA API Market
Alfonso Muñoz, Senior Cybersecurity Expert & Research Lead BBVA – Innovation for Security, examined the possibilities afforded by cryptography to ensure user security and generating a single footprint for companies.
What role do APIs play in cryptography?
They play a critical role. We at BBVA are running a program known as “Chameleon”, which aims to provide cryptography as a service. We seek to offer usable cryptography via APIs.
How are you doing this?
APIs allow cryptography to be harnessed in a simple, controlled and audited fashion. For example, if you have an application that needs to encrypt and protect information, instead of having the algorithm built into the application, you can order a third party, the API, to protect your information. Said third party can protect your information via APIs.
What is the biggest cryptography threat to banks?
There are several. One is algorithms using public cloud cryptography. Banks use them in e-commerce and to sign digital documents. In long-term agreements, such as a mortgage or a contract, the information included in such documents could be forged, as technological progress opens the possibility of “resigning” using other algorithms and other mechanisms. The latter would entail quantum computing, which will be a threat in the longer term.
What are the most secure algorithms?
None stand out as the best at present. The problem is that there are a number of different proposals due to a lack of standardization. In other sectors, algorithms are usually presented to the scientific community, which evaluates the same over a number of years and a winner eventually emerges. This is what is lacking in the world of cryptography: a pool of algorithms made available that people can then subject to rigorous testing.
Will passwords become a thing of the past?
Not for the next 10 years, I don’t think. But exposure of the same will decline due to homomorphic encryption. I think passkeys and passwords will become less prevalent, which means the global system will be more secure. Thieves will increasingly only be able to steal from you at very specific moments.
How would you define homomorphic encryption?
It means the computation of encrypted data. I.e. operating with protected information without exposing said data. Without viewing the information.
How does that benefit users?
For users this means greater privacy in the cloud. They can grant third parties access to their information, a tax declaration for example, and allow them to operate using the same while not being able to view the data.
And for businesses?
The possibilities are much greater. It allows companies to outsource things that previously they could not. For banks, which cannot disclose information to third parties by law, it offers the potential to encrypt said information in order to allow an external operator to use the same without having access to the content. For banks it allows enormous flexibility to reduce costs and escalate cloud services.
What costs are involved?
Such encryption would require only a low-cost software program. The problem is that the current investment is more scientific. Work is ongoing to ensure that the algorithm is more secure and faster. The latter objective will be attained by improving mathematical processes.
Are you interested in financial APIs? Discover all the APIs we can offer you at BBVA
Businesses, from self-employed to SMEs and large companies, need financing solutions that suit their needs. Leasing is a method that can optimize the use of resources and which combines business liquidity (or lack of) with the use of assets. What is leasing and how does it work? Leasing is a financing method by which a […]
An API is a very useful mechanism that connects two pieces of software equipment to exchange messages or data in a standard format such as XML or JSON. Thus, it becomes an instrument that can be used to search for revenue, open the doors to talent or innovate and automate processes.
The Embedded Finance (EF) and Bank-as-a-Service (BaaS) ecosystem is expanding at lightning speed and is in the process of defining of the roles of the new stakeholders entering the ecosystem, who are looking to fill niches or create new services. How will the Embedded Finance and Bank-as-a-Service sector evolve? José Luis Navarro Llorens is Head […]
