Today in APIs: MYOB's ERP API

MYOB launches an ERP API for its EXO business management system. Manipulating an API to... get a date? Plus: SpeakLike's Human Translation API and NYC issues 311 challenge.

MYOB Adds New API for EXO Business Platform

MYOB, Australia's largest provider of business management solutions, has launched an API for its mid-sized ERP platform, EXO Business.

As Andrew Birch, the General Manager for the Enterprise Division put it in the press release, this new API follows on the heels of another API, AccountRight Live, released earlier this year:

"The launch of EXO Business API is a significant milestone in the tier 3 ERP solution space and greatly enhances MYOB’s ability to assist mid-sized clients in managing their businesses. Importantly, the best-practice API design enables third-party developer partners to achieve stable Integration and extend their reach to include our many thousands of EXO Business clients. Developers can also connect to the API directly on premise or via the cloud."

What's driving this are more and more businesses that require integration of best of breed modules, a process that is vastly simplified by the API. For example, integrating a website and a warehouse management system would previously have been a difficult task; the API makes it easier and faster. Additional tools to integrate online services--such as customisable reports and analysis--are now possible with the API.

Australian Dating Service Tinder Gets Caught in API Security Breach, Issues Quick Fix

For the second time in a year, the Australian dating service Tinder (no, this isn't a special Aussie news day; just worked out that way) has been caught with serious security flaws. First, it exposed its users' location information for weeks, perhaps months. Tinder is part of IAC, owner of dating sites and OkCupid.

Now that that first problem has been fixed, a new issue has popped up. Zachary M. Seward writing in Quartz, reports how one hacker could manipulate the API from the service to violate privacy safeguards:

"Shaked Klein Orbach, a web developer in the Netherlands, has just documented a few other privacy holes in Tinder. Most alarmingly, it appears possible to fool Tinder into making a match with someone who hasn’t expressed interest—and in doing so, reveal that user’s email address."

Fortunately, Tinder jumped on it and fixed the flaw. The CEO, Sean Rad wrote in part, "We want to thank Mr. Orbach for pointing out a way to create a match with another user through manipulating certain API calls..." That response is a lot more cordial to hackers uncovering security breaches than many companies offer. But then, it's their job to encourage warm and fuzzy.

API News You Shouldn’t Miss