Rapyd Secures APIs to Protect Payment Innovation

Rapyd is the fastest way to power local payments anywhere in the world, enabling companies across the globe to access markets quicker than ever before. By using Rapyd’s unparalleled payments network and fintech as a service platform, businesses and consumers can engage in local and cross-border transactions in any market.

The Rapyd platform is unifying fragmented payment systems worldwide by bringing together  900-plus payment methods in more than 100 countries.

Rapyd’s main product is its public payments API, which handles billions of dollars of transactions 24/7. Even minor instances of disruptions, fraud, or abuse could mean millions of dollars in lost revenue, significant remediation costs, and a loss of customer trust for both Rapyd and its customers.

Although Rapyd runs an active bug bounty program, significantly customized its web application firewall (WAF), and considers API security mission-critical, its APIs were a black box to its security team. They lacked granular visibility into API use and behavior, business logic was unknown, and it was difficult to identify (let alone stop) attacks in real time.

Consequently, Rapyd’s security team needed a better way to secure both its public API and its hundreds of internal APIs in a highly complex system that operates in the cloud at a global scale. This meant a purpose-built API security solution that didn’t have the visibility gaps of their existing infrastructure, which included API gateways. They specifically needed:

• A granular inventory of all their APIs
• Visibility into the API coding errors or misconfigurations that create vulnerabilities in their security posture
• Intelligently prioritized alerts so security analysts could focus on the most important risks
• Automation and integration capabilities necessary to stop attacks

Rapyd’s CISO evaluated a number of established purpose-built API security solutions, including those from vendors with long track records. However, most fell short of providing complete API security because they lacked important capabilities, such as full packet capture for deep analysis of attacker behavior and visibility beyond traffic and anomalies in their global API security posture.

Amid a range of vendors offering some API security features, Noname Security (now an Akamai company) provided the combination of comprehensive visibility from code to production, discoverability, automation, integrations, and behavior-based anomaly detection that Rapyd needed. From their first meeting, Noname Security demonstrated an intense customer focus, level of expertise, and industry leadership.

After evaluating each vendor’s combination of product and team capabilities, Akamai emerged as the clear leader. The CISO’s team quickly deployed the Noname API Security Platform (now part of Akamai API Security) — including posture management, runtime protection, and Active Testing in one unified solution — across all their AWS regions globally.

With Akamai API Security, Rapyd can protect its APIs and critical assets from cyberattacks with:

• Easy, effective, and accurate API behavioral prevention, detection, and response
• Effective resource use to proactively de-risk the environment
• Evidence of security control and demonstration of compliance
• Secure handling of sensitive data and third-party risk exposure

Rapyd can now confidently grow its global business both quickly and securely, as real data from blocked attacks and production vulnerabilities inform their development efforts and new code can be easily tested before going live. Rapyd will also have full architectural freedom to deploy Akamai API Security as fully cloud-based, fully on-premises, or any hybrid combination as needed as they continue to expand into new markets and regulatory environments.

Rapyd lets you build bold. Liberate global commerce with all the tools your business needs to create payment, payout, and fintech experiences everywhere. From Fortune 500s to ambitious business and technology upstarts, our payments network and powerful fintech platform make it easy to pay suppliers and get paid by customers — locally or internationally.

With offices worldwide, including Tel Aviv, Dubai, London, Iceland, San Francisco, Miami, Hong Kong, and Singapore, we know what it takes to make cross-border commerce as easy as being next door. Rapyd simplifies payments so you can focus on building your business. To learn more about the company that is accelerating the fintech as a service revolution, visit www.rapyd.net, read their blog, or follow them on LinkedIn and X.