REPORT

API Security in Digital Banking

What You Need to Know for a Secure & Frictionless Customer Experience in Asia-Pacific

akamai.com | 1
APIs: The Case of the Underreported Threat

Akamai provides web application and API protection to thousands of organizations around the world. Every day, our global security research team analyzes tens of millions of attacks to help evolve our understanding of web application and API attack vectors, in order to better defend our customers and other organizations. Our global purview also provides Akamai with expansive visibility into attack trends and the overall security threatscape.

The pandemic has accelerated growth in innovation and expansion of digital banking services. Digital payments and e-wallets have achieved mass adoption across Asia-Pacific powered by cloud, mobile, and application programming interfaces (APIs). In fact, Financial Services is well on its way to becoming one of the most digitized industries in Asia-Pacific.

APIs are a critical part of modern mobile and web applications, providing opportunities for better data integration and a personalized customer experience. What started off as a relatively simple system-to-system communication method has evolved to be one of the biggest drivers of internet traffic. If there is an application or service available on the internet, it is supported in some way by an API.

By its very nature, APIs expose application logic and sensitive data such as personally identifiable information and have become a vulnerable target for attacks. As a result, attacks against web applications and APIs globally have tripled over the past year.
[Figure: Attacks targeting Financial Services by Region. Line chart of daily attack count (y-axis: Count, 0 to 100M; x-axis: Day of Date, Jul 1, 2021 to May 1, 2022) broken down by region: Asia Pacific & Japan, EMEA, Americas.]

We have seen a steady increase in web attacks across Asia-Pacific — with no signs of abating. As digitization efforts continue to accelerate, threat actors will continue to be relentless in their attacks.

Instances of credential theft, account takeovers, and API abuse are growing across Asia-Pacific — with India, Australia, Singapore, Japan, China, and Indonesia among the top target countries.

[Figure: Bot Activity by Industry in Asia Pacific & Japan. Pie chart with segments Financial Services, Commerce, Social Media, Video Media, Other Digital Media, and Other; the values shown are 37.2%, 25%, 12.2%, 9.7%, 9.2%, and 6.7%. The segment-to-value mapping is not recoverable from the extracted text.]

The financial services industry — with its attractive payload in money and customer data — is one of the top five target industries for malicious activity. However, attacks on APIs are often underdetected and underreported — making them one of the biggest unknown threats that organizations face.

As web applications and APIs continue to power both digital banking and payments, any disruption to service availability will greatly impact customer satisfaction and their brand loyalty.

API: The Attack Surface That Connects Us All
What does this mean?

As financial institutions in Asia-Pacific continue to accelerate and adopt a digital-first strategy, APIs will increasingly become a centerpiece to the success of that strategy. APIs are crucial to fintech companies and banks looking to adopt open banking.

Not to miss out, threat actors are continuously evolving their attack techniques against APIs and the financial services industry sector — ranging from local file inclusion (LFI) to crippling DDoS attacks. Technology research firm Gartner predicted that API-based attacks will become the most frequent attack vector in 2022 — causing data breaches in enterprise web applications for organizations.

There are four times more credential stuffing attacks against APIs than against web applications because they are faster and require less effort.

Financial institutions will need to address this critical attack surface that’s continuing to expand, and start including API security in their overall application security strategy by building a comprehensive plan to properly discover, test, and secure APIs.
Secure digital banking need not be a pipe dream

Secure APIs need to be the foundation for any digital experience. While teams are moving toward having security baked into the development lifecycle, the process can be slow. This leaves organizations vulnerable to potential attacks. Here are the top five recommendations for protecting APIs.

1. Discover and catalog your APIs

Protecting APIs can be a significant hurdle if you lack visibility. How can you protect what you can’t see? Discover your APIs and track them as you would with other software development builds, including their parameters. Maintain documentation as APIs change, and know where they are and what they’re used for.

Organizations have experienced security breaches that involved shadow APIs without realizing that they existed. Common culprits are APIs that have been deprecated or are outdated, or external APIs that the organization consumes from third parties or open-source libraries (such as Git repositories).

Third-party APIs will need to be identified, secured, or at the very least registered as possible risk items and assessed. Cataloging your APIs allows security engineers to understand the span of the attack surface that needs to be addressed and know where sensitive information may be exposed due to vulnerable APIs. More importantly, engineers must implement and align the correct protections such as specialized security tool implementations, security awareness training, and secure development processes to prevent API abuse/misuse.

2. Conduct API vulnerability testing and risk assessment

After getting the correct level of visibility on your APIs, we recommend testing them, whether the APIs are in production or development. This will help you understand what vulnerabilities exist within them and develop plans to update vulnerable APIs with fixes or upgrades.

This testing process needs to be integrated into the API development and upgrade cycles, as it is crucial for APIs to be secured against vulnerabilities even after they go into production. Solid developer education and partnership with existing security teams are also important.
The OWASP API Security Project offers strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. The OWASP API Security Top 10 provides a good starting point on what vulnerabilities to test for, and Akamai has shared some strategies to mitigate them.

3. Implement specialized API security tools

API protections are a critical component of your overall application security framework. To prevent vulnerable APIs from being exploited, we recommend extending your identity management solution to govern access to all your APIs. We also recommend data protection solutions to prevent or minimize data exposure risks via vulnerable APIs. Traditional signature-based network security tools such as intrusion prevention systems (IPS), signature-based web application firewalls (WAF), and legacy network firewalls are not able to effectively protect APIs. We recommend a modern web application and API protection (WAAP) solution that provides robust API discovery, protection, and control capabilities to mitigate API vulnerabilities and reduce your attack surface.

An effective WAAP solution should be capable of adapting to unique API risks with a policy-driven approach that adds minimal overhead to your API development and management cycles.

Consider this vendor checklist to secure your organization against the most advanced forms of web application and API attacks.




4. Adopt a blanket API policy

When it comes to API policies, try to avoid using unique policies per API and adopt a blanket set of policies that can be reused. A good rule of thumb is to make the default access level to any resources null or denied. This Zero Trust approach enforces least privilege, and makes authentication a constant requirement.

5. It takes a village

API development needs to — on some levels — include various stakeholders. This includes development teams, network and security operation teams, identity teams (if they fall outside of operation teams), risk managers, security architects, and legal/compliance teams (to ensure product follows all governance and regulatory laws).
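Recommendations 1 and 4 above can be turned into a repeatable check: inventory every operation an API declares, including its parameters, and flag any operation that does not require authentication (the default-deny rule) or that carries parameters likely to hold personal data. The following is an added example and not code from the report or from Akamai; it works on an OpenAPI 3 document, the sample spec and the PII name pattern are constructed for illustration, and both should be tuned to your own API catalog and data classification.

```python
"""Catalog the operations in an OpenAPI 3 document and flag default-deny
violations and PII-looking parameters.

Added example, not from the Akamai report. The spec below is constructed;
the PII pattern is a starting point, not a complete classifier.
"""
import json
import re

HTTP_METHODS = ("get", "put", "post", "delete", "patch", "options", "head")

# Parameter names that commonly carry personally identifiable information.
# Constructed list; extend it from your own data classification scheme.
PII_PATTERN = re.compile(r"(ssn|email|phone|dob|birth|account|card|iban)", re.I)

# Constructed sample spec: a global bearer-token requirement, one endpoint
# that opts out of it, and one that takes PII in query parameters.
SAMPLE_SPEC = json.dumps({
    "openapi": "3.0.0",
    "security": [{"bearerAuth": []}],  # spec-wide default: auth required
    "paths": {
        "/accounts/{accountId}": {
            "parameters": [{"name": "accountId", "in": "path"}],
            "get": {"operationId": "getAccount"},
        },
        "/health": {
            "get": {"operationId": "health", "security": []},  # explicit opt-out
        },
        "/customers/lookup": {
            "get": {
                "operationId": "lookupCustomer",
                "parameters": [{"name": "email", "in": "query"},
                               {"name": "phone", "in": "query"}],
            },
        },
    },
})


def catalog(spec_text):
    """Return one record per operation: path, method, parameter names,
    whether an authentication requirement applies, and PII-looking params."""
    spec = json.loads(spec_text)
    global_security = spec.get("security")  # None when the spec has no default
    entries = []
    for path, item in spec.get("paths", {}).items():
        shared = item.get("parameters", [])  # parameters shared by all methods
        for method in HTTP_METHODS:
            op = item.get(method)
            if op is None:
                continue
            params = [p["name"] for p in shared + op.get("parameters", [])]
            # Per-operation "security" overrides the global list. An explicit
            # empty list means "no auth", and a missing global list means the
            # spec never required auth at all; both fail default deny.
            security = op.get("security", global_security)
            entries.append({
                "path": path,
                "method": method.upper(),
                "operation_id": op.get("operationId", ""),
                "parameters": params,
                "requires_auth": bool(security),
                "pii_parameters": [p for p in params if PII_PATTERN.search(p)],
            })
    return entries


def policy_findings(entries):
    """Map 'METHOD /path' to its policy gaps; operations with none are omitted."""
    findings = {}
    for e in entries:
        problems = []
        if not e["requires_auth"]:
            problems.append("no authentication requirement (violates default deny)")
        if e["pii_parameters"]:
            problems.append("PII-like parameters: " + ", ".join(e["pii_parameters"]))
        if problems:
            findings[f'{e["method"]} {e["path"]}'] = problems
    return findings


if __name__ == "__main__":
    for op, problems in policy_findings(catalog(SAMPLE_SPEC)).items():
        print(op)
        for p in problems:
            print("  -", p)
```

Running the same check over every spec in the catalog, and diffing the output between releases, is one way to notice when an endpoint silently drops its authentication requirement or starts accepting a new sensitive parameter.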

Conclusion

Today’s APIs enable flexible, rapid, and economical integration between virtually any software, device, or data source.

However, API security is a complex balancing act of features, functions, and business demand. Our data has shown that API functionality is one of the primary targets for threat actors who are continuously evolving and adapting their attack methods. This leaves you vulnerable to malicious attacks, data or regulatory breaches, and loss of revenue or brand value.

As Financial Services organizations respond to the ongoing expansion of mobile usage and increasingly digitally savvy customers, API security needs to move to the edge — further away from your infrastructure but closest to digital touchpoints where customers interact with your data and applications.

Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital
experiences — helping billions of people live, work, and play every day. With the world’s most distributed compute platform — from
cloud to edge — we make it easy for customers to develop and run applications, while we keep experiences closer to users and threats
farther away. Learn more about Akamai’s security, compute, and delivery solutions at akamai.com, and akamai.com/blog, or follow
Akamai Technologies on Twitter and LinkedIn. Published 09/22.
