Current Situation
As insurance organizations adapt to an open insurance or connected ecosystem enabled insurance model, they need to build standardized, secure access to data for third parties. There are various mechanisms to share and access data. Hence security, clear access controls and authentication mechanisms, efficiency, data quality, and standards should be in place. This is more relevant in scenarios where insurance organizations bring their own connected insurance platforms to market.
Goals and Objectives
Improve security in the ecosystem by making sure only authorized/certified parties can access data. Define clear rules and agreements on data access, data storage, and certificates to increase clarity and accountability. Increase transaction security and reduce fraud through tokenization. Ensure that customer consent applies at any time and has not been withdrawn.
Technology Deployed
API gateway
Identity management platform
Use Case Summary
Identification of third parties accessing internal infrastructure via APIs based on certificate issued by qualified certification authority or in compliance with insurer’s own rules. This includes definition, monitoring, and access management of unlicensed third parties. With API monetization, this will also be essential for billing and tracking of traffic.