ProgrammableWeb's Most Clicked, Shared and Talked About APIs of 2019: Security and Privacy

This Security and Privacy section of ProgrammableWeb's Most Clicked, Shared and Talked About APIs of 2019 features APIs in those two categories plus Authentication, Compliance, Validation, Safety, Recognition, Identity, Cameras, Emergency, and Verification.

API news in these sectors this past year included many topics such as securing APIs, data privacy, data security, utilizing blockchain for security, election hacking and election meddling, ad fraud, bug bounty programs, secure messaging, identity services and biometrics, securing live video, recognition tools for stopping abusive content, IoT security, online safety for kids, plus the usual round-up of vulnerabilities, data leaks, breaches, and attacks.

With all that in mind, we present the full list of the Most Clicked, Shared and Talked About APIs of 2019 in Security and Privacy, that piqued the interest of our readers, followers, and editors.

Microsoft Windows Defender Platform arms enterprise networks with prevention, detection, investigation, and response to advanced threats. The Windows Defender Advanced Threat Protection (ATP) APITrack this API offers a suite of tools built for security operations teams. The API exposes data and actions that will enable users to automate workflows based on Windows Defender ATP capabilities. There are methods available for advanced hunting, alert, machine and more.

Nullafi is a security platform used to protect sensitive data in organizations. This platform supports legacy and current data, simultaneous attack protection, threat analytics, diagnostics, reporting, and hive threat intelligence. This Nullafi APITrack this API provides access so approved third-party applications can interface via C#, NodeJS and Java SDKs.

Shadowserver is a non-profit, watchdog group of security professionals that gather, track, and report on malware, botnet activity, and e-fraud. The Shadowserver APITrack this API provides a lookup mechanism to test an executable file against a list of known software applications. The details are serialized in JSON for Integration with your application.

Shadowserver API

Screenshot: Shadowserver

Unique Secure provides electronic point of sale (POS) digital systems with smart connectors, custom LEDs, and custom graphics. The Unique Secure platform offers several variants of their modular POS devices. This technology protects against theft and tampering. The APITrack this API and hardware require indirect access through SDKs.

CrimeoMeter provides crime data and crime maps for more than 50 cities. The CrimeoMeter Crime Data APITrack this API returns data including incident code, date, description, source, type, location, and more. The API also returns JSON data with safety quality indexes (SQI), statistics, and safety recommendations for a specific location.

crimeometer API

Screenshot: CrimeoMeter provides private sharing technology to enable individuals to own and control their data. The Consent Access APITrack this API and SDKs allow an application or website to request access to personal data from individuals, and to share data back to an individual. The API enables access to a secure sync engine, allowing users to connect, retrieve a copy of data, normalize data from various service providers, store it in a Library using a cloud storage service of their choice and more.

Tanker provides privacy and data protection services for application builders. The Tanker APITrack this API and SDKs add in-app Encryption capabilities without affecting User Experience or performance. The API enables Tanker to take care of key and identity management, and all user actions are encrypted. Tanker does not store data; all users and groups use their own keys which are associated with their cryptographic identities. SDKs are available for easy Front-end integration.

SafetyLocker EDI Tokenizer APITrack this API is a REST service that is designed to be used in EAI platforms to address privacy concerns over personal ID information that is transferred through electronic messages. The SafetyLocker EDI Tokenizer API allows users to tokenize electronic documents or a single given element and enables clients with access to audit logs and tokens.

Ipregistry APITrack this API allows users to get geolocation information but also threat data for a given IP address. Threat data returns knowledge about if users make use of Tor, a public proxy or is a known source of malicious activities. Ipregistry is used for content personalization, geotargeting, geofencing, ad targeting, digital rights management, form auto-completion, and more.

Ipregistry provides location data and identifies potential threats

Ipregistry provides location data and identifies potential threats. Image: ipregistry

KYC3 provides data services for compliance, risk management, business development, and legal professionals. The KYC3 Customer Identity and Risk Screening APITrack this API can verify users with video and photo identification, ID document processing, facial and speech recognition, politically exposed person (PEP), media, and country risk screening and scoring.

SSN / EIN Formatter and Validator APITrack this API validates and formats Social Security Numbers and Employer Identification Numbers SSN/EIN. Usage is free with attribution.

Code42 prevents data loss, protects data during layoffs, mergers & acquisitions, and prevents insider threats. The Code42 APITrack this API returns reports and enables users to perform actions and integrate with other systems to protect the trade secrets of software companies.

Code42 API

Screenshot: Code42

Happi.Dev provides various APIs for developers and accepts PayPal or Bitcoin for payments. Happi Password Generator APITrack this API is a strong password generator that helps users create strong and secure passwords.

IPQualityScore (IPQS) offers anti-fraud solutions including email verification, device fingerprinting, and proxy detection. The IPQualityScore Email Validation APITrack this API validates email reputation, risk analysis, and mailbox validity. IPQS maintains detailed reports of fraudulent behavior online. It can check every email address from transactions, orders, users, lead gen info, etc. against a quick API call to determine email low quality or invalidity.

Angelcam is a cloud-based service that allows users to access their security cameras remotely and share camera views with selected people. The Angelcam APITrack this API allows developers to connect with and manage their cameras, sensors, and smart security devices programmatically using RESTful calls.

Snyk is a service to help developers automatically find and fix open source vulnerabilities. The Snyk APITrack this API provides security to developers targeting open-source platforms. With the API, developers can test packages for issues, evaluates deployed code, and reports a snapshot of the dependency versions in use.

Snyk provides container security, application security, and license compliance services

Snyk provides Container security, application security, and license compliance services. Screenshot: Snyk

XposedOrNot provides over 850 million passwords collected from real-time data breaches. Passwords can be searched anonymously through the K-Anonymity model. Developers can use the XposedOrNot APITrack this API to safeguard websites or applications from poor and exposed passwords for their respective authentications.

TypingDNA provides typing biometrics services. The TypingDNA APITrack this API matches typing patterns in order to authenticate a user. Typing behavior is captured using JavaScript, and pattern matching results are returned in JSON format, letting the developer know whether or not the typing patterns belong to the same user. This API can be used for secure login, enforcing reset passwords, and online biometric Authentication.

Google Cloud Private Catalog APITrack this API is a RESTful service that enables IT administrators to control and make enterprise applications discoverable. The API provides a way to create, share, and manage private catalogs, control distribution, and ensure internal compliance. Retrieve data about folders, catalogs, organizations, products, projects, versions and more with the API. Google Cloud Private Catalog Producer APITrack this API is also available to return data about catalogs, associations, products, operations and more.

Rapid7 InsightVM is a vulnerability management platform. The Rapid7 InsightVM APITrack this API allows programmatic communication with local InsightVM instances. The API provides access to users, reports, vulnerabilities, policies, remediation, and asset lists in order for security application developers to integrate the capabilities of the Rapid7 InsightVM into their own applications and scripts.

DarkOwl's DARKINT Suite is a database of darknet, dark web, deep web, and high-risk surface net content and data. The DarkOwl DARKINT Vision APITrack this API queries DarkOwl Vision's collection of DARKINT™ data with Booleans, filters, and fields and calculates DARKINT scores based on the quantity, quality, and freshness of exposed darknet data.

DARKINT API provides scores for how exposed a company is on the dark web

DARKINT API provides scores for how exposed a company is on the dark web. Screenshot: DarkOwl

PayPal offers eCommerce and online payment solutions for millions of customers globally. The PayPal Identity APITrack this API provides allows users to sign into a website using PayPal login credentials. This service enables PayPal credential login or linking a PayPal account to your website or app to share basic information.

Ping Identity provides intelligent identity and security services. PingOne for Customers is a cloud-based service for secure identity access management. The PingOne for Customers Management APITrack this API allows users to manage authorization, authentication, permissions, and application sign-on policies. Get data about active identities, and manage image resources, applications, environments, branding, configurations, audit reporting and more with the API.

BioID Web Services (BWS) is a webcam-based biometrics service for cloud, web, and mobile application developers. The BioID SOAP APITrack this API enables applications for liveness detection, ticketless check-in and fraud prevention with face, eye or voice recognition, and similarity search. The technology features advanced anti-spoofing mechanisms and anonymous binary data processing.

BioID API compares 2 live facial images against a photo ID, and insures the live images are from a live person

BioID API compares 2 live facial images against a photo ID, and insures the live images are from a live person. Image: BioID

Hybrid Analysis is a free malware analysis that detects unknown threats powered by CrowdStrike. The Hybrid Analysis Falcon APITrack this API returns URL file submission, data report, and query searches about malware in JSON and XML formats.

Complete Criminal Checks Offender APITrack this API provides criminal check data. It covers all USA states plus Puerto Rico for convicted sex offender crimes. The API offers both name lookups and mappable address complete with latitude/ and longitude coordinates. Users can make 25 calls per day free with upgrades available.

CatchBot Antibot APITrack this API protects a website against bots and automated form submissions. Developers can add minor JavaScript and HTML codes to a page, and through an API call, CatchBot verifies a visitor. This API is an easy alternative to Recaptcha By Google.

Duo Security provides trusted access services. The Duo Auth APITrack this API adds two-factor authentication (2FA) to websites, applications, and SaaS. With the API, developers receive pre-authentication, authentication, and authentication status. Duo is now a part of Cisco.

Splunk provides various IT services including Security Information and Event Management (SEIM), AIOps, Machine Learning, and compliance. The Splunk Enterprise Security APITrack this API offers REST endpoints to interact with the Splunk Enterprise Security programmatically or from a web search. It provides methods for accessing threat intelligence, notable events, and analytics.

Applied Recognition enables facial recognition in applications for companies looking to upgrade to biometrics support. Applied Recognition Ver-ID supports low-friction face registration, authentication, and face-based document signatures. The Applied Recognition APITrack this API provides indirect access to several SDKs for easy integration.

Let's Encrypt APITrack this API allows developers to use the ACME protocol to request certificate management actions for a server. Developers will need to create an account, request a certificate, and prove control of the domains in that certificate in order for it to be signed. The Let's Encrypt API is filed under Security.

ipTwist is an IP geolocation service. With the ipTwist APITrack this API, developers can build logic to identify website visitors, e-commerce customers, and countless other identification via IP address. Determining identity from an IP address helps reduce risk in web applications.

CloudSploit is a security and configuration scanner that supports the detection of threats to a user's AWS account. Developers can use the CloudSpoilt APITrack this API to trigger interactions between applications and the CloudSploit platform.

StrongSalt provides an encryption as a platform service. The StrongSalt Open Privacy APITrack this API enables built in data protection and data privacy within applications. It aims to be for privacy what Stripe is for payments or Twilio is for communications.

Keesing Technologies provides ID verification solutions. The Keesing Biometric Onboarding APITrack this API utilizes OCR and facial recognition to allow application users to verify identity via a selfie.

Be sure to read the next Security article: zvelo Introduces API for Web Content Classification and Malicious Detection