{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,3,31]],"date-time":"2023-03-31T04:59:26Z","timestamp":1680238766331},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2023,3,1]],"date-time":"2023-03-01T00:00:00Z","timestamp":1677628800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,3,1]],"date-time":"2023-03-01T00:00:00Z","timestamp":1677628800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Datenschutz Datensich"],"published-print":{"date-parts":[[2023,3]]},"DOI":"10.1007\/s11623-023-1736-6","type":"journal-article","created":{"date-parts":[[2023,3,30]],"date-time":"2023-03-30T09:02:58Z","timestamp":1680166978000},"page":"154-159","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Die Financial-grade API (FAPI)"],"prefix":"10.1007","volume":"47","author":[{"given":"Johanna","family":"Schenkel","sequence":"first","affiliation":[]},{"given":"Christian","family":"Mainka","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,3,30]]},"reference":[{"key":"1736_CR1","unstructured":"The European Parliament and the Council of the European Parliament. Directive (eu) 2015\/ of the european parliament and of the council of 25 november 2015on payment services in the internal market, amending directives 2002\/65\/ec, 2009\/110\/ec and 2013\/36\/eu and regulation (eu) no 1093\/2010, and repealing directive 2007\/64\/ec. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32015L2366&from=DE, visited on 10\/11\/2022."},{"key":"1736_CR2","unstructured":"Statistisches Bundesamt. 3.4 Zahl der Banken geht zur\u00fcck. https:\/\/service.destatis.de\/DE\/WirtschaftJahrtausendwendeEuropa\/bloc-3d.html, visited on 10\/11\/2022."},{"key":"1736_CR3","unstructured":"Fapi \u2013 financial grade api, 2022. https:\/\/fapi.openid.net\/, visited on 10\/11\/2022."},{"key":"1736_CR4","unstructured":"Financial-grade api (fapi) wg | openid, 2016. https:\/\/openid.net\/wg\/fapi\/, visited on 10\/11\/2022."},{"key":"1736_CR5","unstructured":"N. Sakimura and A. Saxena. Openid foundation fapi wg: June 2017 update, 2017. https:\/\/www.slideshare.net\/nat_sakimura\/openid-foundation-fapi-wg-june-2017-update , visited on 10\/11\/2022."},{"key":"1736_CR6","unstructured":"PSD2 | Deutsche Bundesbank https:\/\/www.bundesbank.de\/de\/aufgaben\/unbarer-zahlungsverkehr\/psd2\/psd2-775434, visited on 10\/11\/2022."},{"key":"1736_CR7","doi-asserted-by":"crossref","unstructured":"D. Hardt (Editor). Rfc 6749 \u2013 the oauth 2.0 authorization framework, 2012. https:\/\/datatracker.ietf.org\/doc\/html\/rfc6749, visited on 10\/11\/2022.","DOI":"10.17487\/rfc6749"},{"key":"1736_CR8","unstructured":"Final: Openid connect core 1.0 incorporating errata set 1, 11\/8\/2014. https:\/\/openid.net\/specs\/openid-connect-core-1_0.html, visited on 1\/27\/2022."},{"key":"1736_CR9","unstructured":"Final: Financial-grade api security profile 1.0 \u2013 part 1: Baseline, 3\/12\/2021. https:\/\/openid.net\/specs\/openid-financial-api-part-1-1_0.html , visited on 1\/27\/2022."},{"key":"1736_CR10","unstructured":"Final: Financial-grade api security profile 1.0 \u2013 part 2: Advanced, 3\/12\/2021. https:\/\/openid.net\/specs\/openid-financial-api-part-2-1_0.html, visited on 1\/27\/2022."},{"key":"1736_CR11","unstructured":"openid \/ fapi \/ fapi_2_0_attacker_model.md \u2014 bitbucket. https:\/\/bitbucket.org\/openid\/fapi\/src\/c1095f10f13c17c93a425081ec5669796245ff9c\/FAPI_2_0_Attacker_Model.md?at=master, visited on 4\/25\/2022."},{"key":"1736_CR12","unstructured":"openid \/ fapi \/ fapi_2_0_baseline_profile.md \u2014 bitbucket. https:\/\/bitbucket.org\/openid\/fapi\/src\/47c71db3d6d535b805ac207f89119b7f32b1f74e\/FAPI_2_0_Baseline_Profile.md?at=master, visited on 4\/25\/2022."},{"key":"1736_CR13","unstructured":"openid \/ fapi \/ fapi_2_0_advanced_profile.md \u2014 bitbucket. https:\/\/bitbucket.org\/openid\/fapi\/src\/596057dff73d039ffa9a6213256bb529eb7e2ab9\/FAPI_2_0_Advanced_Profile.md?at=master, visited on 4\/25\/2022."},{"key":"1736_CR14","unstructured":"D. Tonge et al. Financial-grade api: Client initiated backchannel authentication profile, 8\/16\/2019. https:\/\/openid.net\/specs\/openid-financial-api-ciba.html, visited on 4\/25\/2022."},{"key":"1736_CR15","unstructured":"Rfc 9101 \u2013 the oauth 2.0 authorization framework: Jwt-secured authorization request (jar). https:\/\/datatracker.ietf.org\/doc\/html\/rfc9101, visited on 4\/25\/2022."},{"key":"1736_CR16","unstructured":"Rfc 9126 \u2013 oauth 2.0 pushed authorization requests. https:\/\/datatracker.ietf.org\/doc\/html\/rfc9126, visited on 4\/25\/2022."},{"key":"1736_CR17","unstructured":"draft-ietf-oauth-rar-11. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-oauth-rar, visited on 4\/25\/2022."},{"key":"1736_CR18","unstructured":"Draft-02: Financial-grade api: Jwt secured authorization response mode for oauth 2.0 (jarm). https:\/\/openid.net\/specs\/openidfinancial-api-jarm.html, visited on 1\/27\/2022."},{"key":"1736_CR19","unstructured":"Rfc 8705 \u2013 oauth 2.0 mutual-tls client authentication and certificate-bound access tokens. https:\/\/datatracker.ietf.org\/doc\/html\/rfc8705, visited on 4\/25\/2022."},{"key":"1736_CR20","unstructured":"Rfc 7636 \u2013 proof key for code exchange by oauth public clients. https:\/\/datatracker.ietf.org\/doc\/html\/rfc7636, visited on 1\/27\/2022."},{"key":"1736_CR21","unstructured":"draft-ietf-oauth-dpop-07. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-oauth-dpop, visited on 4\/26\/2022."},{"key":"1736_CR22","unstructured":"draft-ietf-oauth-security-topics-19. https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-oauth-security-topics, visited on 1\/27\/2022."},{"key":"1736_CR23","unstructured":"Openid certification | openid. https:\/\/openid.net\/certification\/, visited on 1\/27\/2022."},{"key":"1736_CR24","unstructured":"Owasp. Cross Site Request Forgery (CSRF). https:\/\/owasp.org\/www-community\/attacks\/csrf, visited on 10\/11\/2022."},{"key":"1736_CR25","unstructured":"Owasp. Session Fixation. https:\/\/owasp.org\/www-community\/attacks\/Session_fixation, visited on 10\/17\/2022."},{"key":"1736_CR26","unstructured":"Anzahl der Online-Girokonten in Deutschland bis 2021. https:\/\/de.statista.com\/statistik\/daten\/studie\/39539\/umfrage\/anzahl-der-online-gefuehrten-konten-in-deutschland\/ , visited on 11\/17\/2022"},{"key":"1736_CR27","unstructured":"OAuth 2.0. https:\/\/oauth.net\/2\/, visited on 11\/17\/2022."},{"key":"1736_CR28","unstructured":"Positionspapier zur Nutzung von \u201eScreenscraping\u201d im Kontext von Artikel 98 PSD II. https:\/\/die-dk.de\/media\/files\/2016-11-10_DK-Positionspapier_Screen-Scraping_final.pdf, visited on 11\/17\/2022."}],"container-title":["Datenschutz und Datensicherheit - DuD"],"original-title":[],"language":"de","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-023-1736-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11623-023-1736-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11623-023-1736-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,3,30]],"date-time":"2023-03-30T09:40:14Z","timestamp":1680169214000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11623-023-1736-6"}},"subtitle":["PSD2-konforme Absicherung von APIs im Finanzsektor"],"short-title":[],"issued":{"date-parts":[[2023,3]]},"references-count":28,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2023,3]]}},"alternative-id":["1736"],"URL":"https:\/\/doi.org\/10.1007\/s11623-023-1736-6","relation":{},"ISSN":["1614-0702","1862-2607"],"issn-type":[{"value":"1614-0702","type":"print"},{"value":"1862-2607","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3]]},"assertion":[{"value":"30 March 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}