API Security Framework

  1. News & Insights

API Security Framework

16 March 23

Share This

The European Payments Council (EPC) publishes today the Application Programming Interface (API) security framework that lists the minimum security-related requirements applicable to the SEPA Request-to-Pay (SRTP) and SEPA Payment Account Access (SPAA) scheme participants using APIs, whether they rely on the default European Payments Council (EPC) SRTP related API Specifications or on other API specifications.

This framework will become mandatory as of 30 November 2023 for the SRTP and SPAA scheme participants when using APIs, whether they rely on the default European Payments Council SRTP related API Specifications or on other API specifications.

Your reactions

If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.

Related document
API Security Framework
Latest News
Around the web – a compilation of some interesting reports about payments published last quarter
Call for Interest: development of SEPA Payment Account Access compliant API specifications
Yearly update of the “Guidelines on cryptographic algorithms usage and key management”
Public consultation on change requests for the EPC payment scheme rulebooks