The application program interface (API) is designed to enable secure, tokenised consumer data transfers between financial institutions and technology companies, and meets the security and privacy requirements of US and European regulators, FS-ISAC said. Through tokenisation, the API improves security so that financial institutions can share information with account aggregators more securely. The API and associated report on security control considerations was developed by the FS-ISAC Data Aggregation Work Group, comprising more than 25 financial services firms, with input from multiple fintech firms that provide data aggregation tools and services. “Creating a standard API for secure data sharing benefits everyone in the data aggregation ecosystem,” said Eric Guerrino, FS-ISAC chief operations officer. Data sharing between financial application servers and financial institution servers is then done securely via a unique virtual token that identifies the consumer and their respective accounts.