STANDARDS CONFORMANCE

In Line with International Disciplines

Commitment to international security standards makes PlusAuth a trusted security solution partner for companies that expect reliability and credibility from their security investments.


OpenID Connect

A Simple Identity Layer

OpenID Connect (OIDC) is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. It enables developers to authenticate their users across websites and apps without having to own and manage password files.

The OpenID Foundation enables deployments of OpenID Connect, the Financial-grade API (FAPI) and Financial-grade API Client Initiated Backchannel Authentication Profile (FAPI-CIBA) to be certified to specific conformance profiles to promote interoperability among implementations.

PlusAuth has been certified for the OpenID Provider conformance profiles and the Financial-grade API (FAPI) conformance profiles.


OAuth 2.0

An Authorization Framework

OAuth 2.0 is the industry-standard protocol for authorization, focusing on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and IoT devices.

OAuth 2.0 enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.


PCI DSS

Global Payment Account Data Security

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International and American Express. Governed by the Payment Card Industry Security Standards Council (PCI SSC), the compliance scheme aims to secure credit and debit card transactions against data theft and fraud.

The PCI SSC has outlined 12 requirements for handling cardholder data and maintaining a secure network. The requirements are distributed among six broader goals, and all are necessary for an enterprise to become compliant.