Two particularly challenging forms of API abuse are Aggregation and Cheating as a Service. In both these cases your own users are enabling and sometimes funding the individuals and organizations abusing your APIs.

This presentation was delivered by David at APIDays in Paris last month and it covers the topic of protecting mobile APIs and apps in a banking context.

In the world of banking, security has always been important and the recent breach at Tesco Bank is a timely reminder. With an increased appetite for regulation in the banking sector and in the realms of data protection it is becoming ever more important for responsible companies to take action to tighten up their defences against the constant threat of data theft and fraud. Regulation is becoming a powerful lever to encourage banks to have robust mechanisms in place to protect their customers. The EU's General Data Protection Regulation (GDPR) raises the possibility of heavy fines if you fail to take steps.