Docomo Tightens security for open APIs, Deploys the Web API access-authorization engine of Authlete, Inc

39

NTT DOCOMO, INC. announced today that it has begun deploying the Web API access-authorization engine of Authlete, Inc. to enhance the security of open APIs for device providers and DOCOMO services as well as to enhance collaboration among companies.

Tokyo-headquartered Authlete became an affiliate of the DOCOMO Group when NTT DOCOMO Ventures, a wholly owned subsidiary, bought a stake in the company on November 30, 2017.

Authlete’s OAuth 2.0 is a framework in which a user of a service can allow a third-party application to access his/her data hosted in the service without revealing his/her credentials (ID & password) to the application. Authlete is based on standards developed by the OpenID Foundation, a non-profit international standardization organization committed to enabling, promoting and protecting OpenID technologies. It is listed in Request for Comments (RFC) of the Internet Engineering Task Force (IETF).

The company also developed AuthleteTM, a cloud-based service that supports the Web API authorization process based on OpenID Connect, a framework on top of OAuth 2.0 in which a third-party application can obtain a user’s identity information managed by a service.

Going forward, DOCOMO expects to increase the uptake of Authlete’s services among companies in the API and IoT business fields to achieve lifestyle innovation under the company’s “Declaration beyond” medium-term strategy to 2020 and contribute to the development of their partners’ business.