au Jibun Bank Adopts Authlete to Build FAPI-Compliant API Infrastructure

The Authlete solution enables secure and reliable API authorization with agility and flexibility, enhancing collaboration with external companies and services

We are pleased to announce that au Jibun Bank Corporation has selected Authlete.

au Jibun Bank was jointly established by KDDI and MUFG Bank in 2008 as an online bank specializing in mobile services. One of the bank’s philosophies is to create financial services that go beyond those offered by traditional banks, thereby impressing customers. With this philosophy in mind, the bank is running various initiatives to become the most approachable bank to customers, and has surpassed 5 million deposit accounts (as of December 12, 2022) and its total balance of deposits surpassed 3 trillion yen (as of July 10, 2023).

The bank selected Authlete to implement OAuth 2.0 authorization functionality for APIs exposed to its business partners. Yoshikazu Takagi, Executive Officer and Head of IT Division at au Jibun Bank Corporation, said the following:

One of the deciding factors in choosing Authlete was its support for FAPI, a set of detailed specifications for advanced OAuth 2.0 security. We strongly believe that FAPI compliance is paramount, especially when dealing with "read/write APIs" such as those for payment initiation and money transfer.

Authlete has been deeply involved in the development of the OpenID Foundation's "OpenID Certification Test Suite," a collection of software that tests whether products and services that support OAuth 2.0 / OpenID Connect (OIDC) related specifications, including FAPI, actually implement the specifications correctly. With this track record, we can expect Authlete to quickly support the ever-evolving FAPI specifications, which is why we chose the solution as the core of our API authorization.

But there's more - we valued Authlete because it was a dedicated solution for OAuth/OIDC protocol processing and token management. It allowed us to implement FAPI support by complementing, rather than replacing, our existing customer information management and user authentication systems. In addition, all of Authlete's features were exposed as APIs. Thanks to its API-based architecture, it was easy for us to smoothly integrate it with a newly deployed API gateway.

Looking ahead, we are committed to expanding our API offerings, strengthening security with FAPI, and fostering collaboration with external companies and services.

Please check the Customers section of our website for other customer case studies.