When secure isn’t enough

Financial-grade Package

Our Financial-grade (FAPI) package is especially valuable for those who need to comply with open banking and financial grade regulations and any organization that requires an extra high level of security.

Try for FreeContact Sales
Financial-grade Package

Industry Standards to Future-Proof Your Investment

The Curity Identity Server is certified to OpenID Financial-grade API 1.0 Second Implementer’s Draft and 1.0 Advanced profiles. Our FAPI package provides all the capabilities needed to comply with these profiles.

The package includes

CIBA - Client-Initiated Backchannel Authentication

CIBA - Client-Initiated Backchannel Authentication

Utilizing apps to smoothly and securely authenticate users has long been a challenge. A standards-based way to address this is to use Client Initiated Backchannel Authentication (CIBA) from the OpenID Foundation. It defines a decoupled flow where authentication can be initiated on one device and carried out at another. It lets people use their mobile devices to authenticate and approve transactions.

Learn more about CIBA
PAR - Pushed Authorization Requests

PAR - Pushed Authorization Requests

Pushed Authorization Requests (PAR) is an enhancement in OAuth and OpenID Connect to initiate the authorization flow from a client using request objects. It provides security and privacy improvements without implementing costly cryptography at the client-side. The client needs only minimal changes to be able to use PAR instead of a standard authorization request.

Explore PAR
JAR - JWT Secured Authorization Requests

JAR - JWT Secured Authorization Requests

JWT Authorization Request functionality is very useful in implementations that require high security. Using signed request objects can help when request parameters get too large to send them in the query string or where there is a need to maintain the consistency of request parameters. Additionally, it's possible to encrypt request objects where you also need to maintain privacy.

OAuth Authorization with JAR
JARM - JWT Secured Authorization Response Mode

JARM - JWT Secured Authorization Response Mode

JWT Secured Authorization Response Mode for OAuth 2.0 adds another level of security to handle responses from the Authorization Server. The Curity Identity Server supports this draft specification without any specialized configuration required. Customers can thus easily implement JARM in their clients.

Learn about JARM
HSM - Hardware Security Module

HSM - Hardware Security Module

The Curity Identity Server supports the use of Hardware Security Modules (HSM) for storing keys. Use the HSM with the Curity Identity Server to sign tokens, encrypt SSL/TLS communication, and perform other sensitive operations.

HSM Example

Comply with Open Banking regulation

Achieve an extremely high-security standard

Adaptability for differing regional regulatory demands

Token-based Architecture

Secure Your APIs with Tokens

Includes all the great features and benefits of the Token Service.

Explore Token Service
  1. Home
  2. Product
  3. Financial-grade Package
See Curity Identity Server in action

See Curity Identity Server in action

In this demo, we give you a comprehensive overview of the Curity Identity Server. What it is and what problems it helps you solve.

Watch Demo

Discover the Power of Curity Identity Server

Overview

Product Overview

Authentication

Authentication Service

Token Service

Token Service

User management

User Management Service

Configuration

Configuration

Deployment

Deployment

Standards & Conformance

Standards & Conformance

Product Plans

Product Plans

Monitoring and Metrics

Monitoring and Metrics

Alarms

Alarms

Next steps

Start Today

Ready to modernize IAM? Build security and improve ease of use to stay ahead of the competition.

Start a Free Trial

Start a Free Trial

Schedule a demo

Schedule a demo

Speak to an Identity Specialist

Speak to an Identity Specialist

Explore learning resources

Explore learning resources