BBVA API Market
Alfonso Muñoz, Senior Cybersecurity Expert & Research Lead BBVA – Innovation for Security, examined the possibilities afforded by cryptography to ensure user security and generating a single footprint for companies.
What role do APIs play in cryptography?
They play a critical role. We at BBVA are running a program known as “Chameleon”, which aims to provide cryptography as a service. We seek to offer usable cryptography via APIs.
How are you doing this?
APIs allow cryptography to be harnessed in a simple, controlled and audited fashion. For example, if you have an application that needs to encrypt and protect information, instead of having the algorithm built into the application, you can order a third party, the API, to protect your information. Said third party can protect your information via APIs.
What is the biggest cryptography threat to banks?
There are several. One is algorithms using public cloud cryptography. Banks use them in e-commerce and to sign digital documents. In long-term agreements, such as a mortgage or a contract, the information included in such documents could be forged, as technological progress opens the possibility of “resigning” using other algorithms and other mechanisms. The latter would entail quantum computing, which will be a threat in the longer term.
What are the most secure algorithms?
None stand out as the best at present. The problem is that there are a number of different proposals due to a lack of standardization. In other sectors, algorithms are usually presented to the scientific community, which evaluates the same over a number of years and a winner eventually emerges. This is what is lacking in the world of cryptography: a pool of algorithms made available that people can then subject to rigorous testing.
Will passwords become a thing of the past?
Not for the next 10 years, I don’t think. But exposure of the same will decline due to homomorphic encryption. I think passkeys and passwords will become less prevalent, which means the global system will be more secure. Thieves will increasingly only be able to steal from you at very specific moments.
How would you define homomorphic encryption?
It means the computation of encrypted data. I.e. operating with protected information without exposing said data. Without viewing the information.
How does that benefit users?
For users this means greater privacy in the cloud. They can grant third parties access to their information, a tax declaration for example, and allow them to operate using the same while not being able to view the data.
And for businesses?
The possibilities are much greater. It allows companies to outsource things that previously they could not. For banks, which cannot disclose information to third parties by law, it offers the potential to encrypt said information in order to allow an external operator to use the same without having access to the content. For banks it allows enormous flexibility to reduce costs and escalate cloud services.
What costs are involved?
Such encryption would require only a low-cost software program. The problem is that the current investment is more scientific. Work is ongoing to ensure that the algorithm is more secure and faster. The latter objective will be attained by improving mathematical processes.
2022 is a year characterized by a veritable explosion of open banking apps, and we have selected the most outstanding ones Open banking apps have been growing along with this new ecosystem for years. New regulations and new layers of technology, focusing, have led thousands of startups to launch new products. Some of them are […]
If you want to finance a car, you must analyze all the options: how does financing work, and when should it be done? How to finance a car is a very frequent question both from individuals with mobility needs and from companies that need a vehicle to use. Is it better to make a conventional […]
The difference between leasing and renting can bring competitive advantages to companies, so it is worth understanding each of these models. The difference between leasing and renting can be critical for the economic model of an SME or a self-employed person. Renting and leasing are different models for using a car, as are buying, carsharing […]