CSIO Publishes Industry’s First API Security Standard

INNOTECH Advisory Committee and API Security Working Group break new ground by publishing the industry’s first API security standard

Toronto, ON (Apr. 21, 2022) – CSIO is pleased to announce that the Innovation and Emerging Technology (INNOTECH) Committee and Application Programming Interface (API) Security Working Group achieved an important milestone by finalizing and publishing the insurance industry’s first API Security Standard. In doing so, they provided a standard authentication and authorization API model for vendors and insurers. Insurers and vendors can program the Standard to help ensure brokers have adequate levels of security before they’re authenticated and authorized to log into insurers’ systems.

Currently, brokers who request access to an insurer’s system for the first time will either be denied entry due to security concerns or receive access after completing the insurer’s authentication and authorization process. This can be a major pain point as authentication and authorization processes vary by insurer, and different broker systems have varying levels of security. The API Security Standard provides a set of guidelines (or model) for authentication and authorization for the industry to work from, meaning that software vendors and insurers who follow the guidelines will allow their broker partners to experience a more seamless authentication and authorization process.

The API Security Standard is ready to be programmed in its present form and can even be built upon to include new functionalities that will align with future security architectures. This robust Standard is a byproduct of the industry coming together to reach a consensus for everyone’s mutual benefit. The API Security Working Group, comprised of professionals who represent insurers, software vendors and the Insurance Brokers Association of Canada (IBAC) collaborated to identify needs and specifications for the API Security Standard. The group is building on the momentum of their latest release by working on advancing the Standard to make it applicable for more use cases and API interactions.

“Our industry has increasingly leveraged technology to digitize operations since early 2020, which makes security more important than ever,” said Kim Opheim, Broker Technology and Innovation Consultant at IBAC and INNOTECH Advisory Committee member. “It’s been a great experience working with the CSIO INNOTECH Working Group’s insurers and vendors on this very complex and important API security project. This is foundational work that will support data exchange for the betterment of the broker distribution channel.”

The API Security Standard is available at csio.com for insurer and vendor members to program.

About Centre for Study of Insurance Operations (CSIO)

CSIO is Canada’s industry association of property and casualty insurers, service providers and over 38,000 brokers. CSIO is committed to improving the consumer’s ease of doing business within the broker channel by overseeing the development, implementation and maintenance of technology standards and solutions such as My Proof of Insurance, eDocs, and eSignatures. In addition, CSIO operates the industry-owned mail network service, CSIOnet For more information, visit www.csio.com.

SOURCE: Centre for Study of Insurance Operations (CSIO)

Tags: , , , , , , ,