Certified OpenID Connect CIBA Compliance

Curity has certified that the Curity Identity Server version 6.2 conforms to the CIBA profile of the OpenID Connect protocol. The hundreds of tests for both mutual TLS and JWT-based authentication pass without warning. This major milestone includes excellent back-channel authentication options available out of the box, including BankID, email, SMS, and others available using the product’s SDK. The open-source Freja eID authenticator has also been updated on GitHub to show how this SDK can be used to extend the product’s CIBA-compatible authentication options.

“Conformance to CIBA means that the Curity Identity Server now supports 40 different specs!” says Travis Spencer, CEO of the company. “This is amazing, in and of itself. What is more phenomenal, though, is that even while adhering to such a wide array of protocols, the product is still so easy to use.” Jacob Ideskog, CTO of Curity, adds that “CIBA required a totally different approach to login that broke a number of assumptions we made in the product’s construction. Despite this, however, we added support for CIBA without introducing any breaking changes to the database, SDK, or configuration. This coupled with the very short implementation time shows that our product is extremely well designed.”

Just days after the release, multiple banking customers started upgrading to use CIBA in their open banking deployment and intend to go live in short order to fulfill their regulators’ requirements. Despite the nascent inclusion of the protocol, certified compliance with an open, vetted standard has given these early adopters peace of mind.

To learn more about CIBA, read up on the architecture of the protocol, check out our webinar, and learn how to implement CIBA in the Curity Identity Server. Then, try it out using OAuth.tools.