This TextKey PHP library allows a developer to implement REST API calls server-side from a PHP backend. TextKey is an omni-factor authentication API that uses seven-factors of authentication to provide security for devices ranging from mobile to electronic door locks. TextKey works through using SMS service, unique code, cellular number, UDID, a single use URL, and an optional pin. TextKey uses REST with a JSON response and SOAP. TextKey is free for ten users, and available for a monthly charge per user thereafter.
Distil Networks has launched Bot Defense for API, a solution that protects API servers from bots. It protects API servers by determining if a human is using a verified browser or mobile device to gain access. It also determines if a browser is legitimate or an API client masquerading as a browser.
Back in the good old days things were a lot simpler. You didn’t have to worry about packet capturing or password extracting, and as a result a lot of the original protocols like HTTP, FTP and POP3 didn’t worry about sending your passwords over the wire in plain text. But in today's increasingly sophisticated API-driven world this isn't enough.
A Digg community member, suspicious of some top links, used the site's Digg API to uncover a 159 fake accounts. By comparing the stories voted on by these accounts to other stories, he discovered what appeared to be directed fraud and what Digg now calls "tests to find spam vulnerabilities." We spoke to the community member to learn how he used the site's API and what he learned.