High profile data breaches resulting from faulty APIs continue to make headlines. In the last few months alone, T-Mobile’s data breach resulted in hackers stealing personal data of more than two million customers while Google shutdown the consumer version of Google+, citing a bug that exposed the personal profiles of up to 500,000 users, with the API at fault used by up to 438 applications.
Privacy and security issues stemming from API development have continued to rise over the last year, with Gartner predicting that it will be the largest source of data breaches by 2022. But without a deliberate, focused effort to protect these systems, even that timeline seems optimistic. To counter this threat, businesses need to follow these three steps when developing APIs.