On the Fly: Homomorphic Encrypted Web API

Jaroslav Machaň Jaroslav Machaň cz API&SDK owner & API evangelist
Jan Sechovec Jan Sechovec cz Innovation evangelist
Petr Michalík Petr Michalík cz Developer
Pavel Michalík Pavel Michalík cz Developer at Česká spořitelna

Saturday, 10:00 - 16:00

Back Stage

Workshop will be in Czech and English.

Česká Spořitelna will allow third parties access to their Web API. Some APIs provide access to client data (after client impersonation - OAUTH2), allowing partner applications to show clients their products and transaction history. 

A problem occurs in situations where a partner application needs to solve more complex problems with the provided data.

For example: Cloud accounting implements a function of pairing issued invoices and incoming payments. This means the transaction history of an account is continuously obtained from an API, stored in the application’s database, and then, the corresponding payment is retrieved. In addition to the client’s transaction history, it also provides a cashflow analysis - balance sheets, outstanding and paid invoices, and payment behavior. 

Storing client data in a third party application is controversial. First of all, it is inconsistent with the Česká Spořitelna Developers Agreement. Second, it is subject to regulation (personal data, bank secrecy, banking compliance services, operational and reputational risk, misuse of client data, etc.). 

The solution may be to provide data to a third party in a non-transparent form, while at the same time making it possible to transform, aggregate, and search data in a system and provide value to the customers who want it. The concept of homomorphic encryption allows this approach.

Jaroslav Machaň

Jaroslav Machaň

API&SDK owner & API evangelist

Jaroslav is an API evangelist who fell in love with his team and work at Česká spořitelna. He enjoys proving to the world that when you really want something, you can achieve it - even in a bank. It’s his first experience in corporate, so he sees all the places where we need to push ourselves in order to work as hard as humanly possible. For example, a press release is a rap song to him. He writes stories that no one knows. 


linkedin

Jan Sechovec

Jan Sechovec

Innovation evangelist

Honza follows current trends and opens the eyes of others. He is a cross between a talented engineer and an innovator. More than 15 years of experience with hard work in corporate companies, his own business, and also several battlefields have given him energy so concentrated that an energy drink would turn green with envy. 


twitter linkedin

Petr Michalík

Petr Michalík

Developer

One of the intellectual fathers of WebAPI with the heart and soul of an innovative developer. He spends his spare time exploring the depths of space with his telescope and promoting (not only among his colleagues) the Society for Interplanetary Matter.


Pavel Michalík

Pavel Michalík

Developer Česká spořitelna

Just like every car needs a motor, Paul needs WebAPI to make sense. He is the godfather of agile development at Česká spořitelna and a destroyer of corporate myths. When he’s not crushing code, he’s catching comets in the night sky with his brother.