Aujas Cybersecurity, one of the leading enterprise security service providers announces a launch of “Saksham” which enables organizations to quickly and reliably test their API implementation for compliance, security, and readiness to join the Account Aggregator ecosystem. Saksham is a self-service based automatic certification approach that ensures the APIs used by each organizational entity are as per the schema, interoperability, and security specifications of Reserve Bank Information Technology Private Limited (ReBIT). Sahamati, a collective of the Account Aggregator Ecosystem has impanelled Aujas Cybersecurity to conduct mandatory certification audits for participating organizations of the AA ecosystem.
Managing user data in a secure, economical manner has been a challenge across India. This challenge is due to data in silos across banks, financial and healthcare institutions, telcos, to name a few. There was no framework to collect and securely share this data with user permissions. Aggregating data from far off locations is expensive and can lead to data leaks and privacy breaches. There emerged a national need to effectively manage the fragmented and unsafe data through a secure framework.
In 2016, the Reserve Bank of India (RBI) addressed this issue by approving a new class of NBFCs to function as Account Aggregators (AAs), whose key responsibility is data transfer with explicit user consent. Named Sahamati, this ecosystem helps businesses and individuals collate and share data digitally, ensuring their integrity, confidentiality, and privacy. Account Aggregators cannot access, store, or sell user data. End to end protection of data confirms there is a secure data flow between AA entities.
To become a part of the Account Aggregator ecosystem, participant organizations need to comply with RBI guidelines for API & functional flow. The organizations include Financial Information Provider (FIP) (Eg. Banks, Mutual Fund investment, Insurance portfolio, etc.) and Financial Information User (FIU) (Eg. Lending firms, wealth managers, personal finance management apps, robo advisors, etc.) The ecosystem is a digital framework and has stringent security requirements to protect data against unauthorized access.
Saksham checks and validates whether the entities’ API and function flow controls/specifications align with those defined by ReBIT for FIP/AA/FIU modules, including completeness of implementation. The certification ensures the organizations demonstrate and fulfill the technical and security controls defined as per NBFC-AA API specifications published by ReBIT. Aujas certifies entities after evaluating the self-assessment output. The certificate issued after the successful run of Aujas Saksham product is proof of compliance.
It is an innovative product from Aujas that has enabled financial organizations such as IndusInd Bank, Axis Bank, Bajaj Finance Ltd., OneMoney, NADL, CAMSOnline, Finvu, and others to comply with RBI’s Account Aggregator framework. In Oct’20, IndusInd Bank became the first bank to go-live on RBI’s Account Aggregator framework. With its fully automated scenarios, Saksham is the fastest way to get compliant. Every financial institution should become a part of the Account Aggregator ecosystem for faster business turnarounds, better cost efficiencies, lower infrastructure costs/credit costs, and provide better products and solutions for users.
About Aujas Cybersecurity
Aujas cybersecurity is an enterprise security service provider for organizations across North America, Asia Pacific, and EMEA regions. Aujas has deep expertise and capabilities in Identity and Access Management, Risk Advisory, Security Verification, Security Engineering & Managed Detection and Response services. By leveraging innovative products and services, Aujas helps businesses build and transform security postures to mitigate risks. The service focus is to strengthen security resilience by minimizing sophisticated attacks and threats while offering 360-degree visibility and protection across enterprise infrastructure.
For more details, get in touch with Aujas at, email@example.com