Capability-Based API Gateway Technology Selection Analysis for Banking Cybersecurity Solution Using AHP Method

Authors

  • Riama Santy Sitorus Information Technology,, Computer Science, ASA University Indonesia,Jakarta, Indonesia
  • B Junedi Hutagaol Information System, Computer Science, ASA University Indonesia,Jakarta, Indonesia
  • Dita Madonna Simanjuntak Information System, Computer Science, IPWIJA University,Jakarta, Indonesia

DOI:

10.33395/sinkron.v9i1.14328

Keywords:

AHP, API, API Gateway, Banking, Cybersecurity

Abstract

The growing reliance on APIs in the banking sector, driven by digital transformation, necessitates robust API Gateways that balance performance with strong security measures to address risks like API abuse, man-in-the-middle attacks, and data scraping, while ensuring compliance with regulations such as PCI-DSS, GDPR, and OJK standards. This study bridges the gap in technical guidance by developing a comprehensive evaluation framework using the Analytic Hierarchy Process (AHP) to determine the most suitable API Gateway for banking. The findings identify Apigee as the optimal choice, scoring 1.4277 for its superior authentication, traffic encryption, threat detection, deployment flexibility, cloud integration, and API management. IBM API Connect, scoring 0.6186, is a strong alternative with excellent security and management features but limited scalability and deployment flexibility. Kong and Axway API Gateway follow with scores of 0.4215 and 0.4627, excelling in deployment and integration but lacking critical security features for banking. This research emphasizes the strategic importance of selecting the right API Gateway to bolster cybersecurity and API management in banking, recommending Apigee as the primary solution and IBM API Connect for complex IT infrastructures. It also contributes to the literature by providing a structured, quantitative approach to API Gateway selection and suggests future research exploring AI integration, advanced analytics, and cost-benefit analyses for informed decision-making in the financial sector.

GS Cited Analysis

Downloads

Download data is not yet available.

References

Access, O., Rao, B., & Suvarna, S. G. (2023). Trust & Security Issues in Mobile Banking and Its Effect on Customers. International Research Journal of Modernization in Engineering Technology and Science, 05. https://doi.org/10.56726/irjmets39238

Belinda, B. I., Emmanuel, A. A., Solomon, N., & Kayode, A. B. (2021). Evaluating Software Quality Attributes using Analytic Hierarchy Process (AHP). International Journal of Advanced Computer Science and Applications, 12(3), 165–173. https://doi.org/10.14569/IJACSA.2021.0120321

Bondel, G., Landgraf, A., & Matthes, F. (2021). API Management Patterns for Public, Partner, and Group Web API Initiatives with a Focus on Collaboration. ACM International Conference Proceeding Series. https://doi.org/10.1145/3489449.3490012

Cloramidine, F., & Badaruddin, M. (2023). Mengukur Keamanan Siber Indonesia Melalui Indikator Pilar Kerjasama Dalam Global Cybersecurity Index (GCI). Jurnal Sosial Dan Humaniora, 8(1), 57–73. https://doi.org/10.47313/pjsh.v8i1.1957

Cota, D., Martins, J., Mamede, H., & Branco, F. (2023). BHiveSense: An integrated information system architecture for sustainable remote monitoring and management of apiaries based on IoT and microservices. Journal of Open Innovation: Technology, Market, and Complexity, 9(3). https://doi.org/10.1016/j.joitmc.2023.100110

Dinçkol, D., Ozcan, P., & Zachariadis, M. (2023). Regulatory standards and consequences for industry architecture: The case of UK Open Banking. Research Policy, 52(6), 104760. https://doi.org/10.1016/j.respol.2023.104760

Dinova, C. A., & Utomo, I. C. (2024). Pengembangan Arsitektur Microservice pada Learning Management System E-learning Menggunakan Metode Web Service. Jurnal Ilmu Komputer Dan Informatika, 3(2), 125–141. https://doi.org/10.54082/jiki.102

Gartner. (2024). Critical Capabilities for API Management. https://www.gartner.com/document/5852879?ref=solrAll&refval=438481844&

Hamed, M., Hefny, M., Helmy, Y., & Abdelsalam, M. (2023). Open Banking API Framework to Improve the Online Transaction between Local Banks in Egypt Using Blockchain Technology. 14(4). https://doi.org/10.12720/jait.14.4.729-740

Hanafizadeh, P., & Amin, M. G. (2023). The transformative potential of banking service domains with the emergence of FinTechs. In Journal of Financial Services Marketing (Vol. 28, Issue 3). Palgrave Macmillan UK. https://doi.org/10.1057/s41264-022-00161-0

Hutagaol, B. J., Sitorus, R. S., & Hutagaol, N. (2024). Identifikasi Tingkat Kesadaran Pengguna Mobile Banking terhadap Ancaman Cybercrime. Jurnal Teknologi Sistem Informasi Dan Aplikasi, 7(3), 1043–1054. https://doi.org/10.32493/jtsi.v7i3.41639

Kondam, A. (2024). International Journal of Advanced Research and Emerging Trends ( JARET ) International Journal of Advanced Research and Emerging Trends ( JARET ). 1.

Kreuzberger, D., Kuhl, N., & Hirschl, S. (2023). Machine Learning Operations (MLOps): Overview, Definition, and Architecture. IEEE Access, 11(April), 31866–31879. https://doi.org/10.1109/ACCESS.2023.3262138

Mahmoud, T., Balachandran, W., & Altayyar, S. (2024). Advancing Sustainable Healthcare Technology Management: Developing a Comprehensive Risk Assessment Framework with a Fuzzy Analytical Hierarchy Process, Integrating External and Internal Factors in the Gulf Region. Sustainability (Switzerland), 16(18). https://doi.org/10.3390/su16188197

Mathijssen, M., Overeem, M., & Jansen, S. (2020). Identification of Practices and Capabilities in API Management: A Systematic Literature Review. http://arxiv.org/abs/2006.10481

Matias, M., Ferreira, E., Mateus-Coelho, N., Ribeiro, O., & Ferreira, L. (2024). Evaluating Effectiveness and Security in Microservices Architecture. Procedia Computer Science, 237, 626–636. https://doi.org/10.1016/j.procs.2024.05.148

Mork, T. (2024). Tormod Mork Müller Master ’ s thesis Enhancing Vendor Selection in Software Ecosystems : A Decision- Making Tool. June.

Navaretti, G. B., Calzolari, G., Mansilla-fernández, J. M., & Pozzolo, A. F. (2022). Open Banking ’ s Promise of a Financial Revolution : Are We Falling Short ? 1 Open Banking ’ s Promise of a Financial Revolution : Are. 1–21.

Pourbarzegar, F. (2021). Faezeh Pourbarzegar FACTORS AFFECTING API MONETIZATION Master of Science Thesis. February.

Purawidjaja, R. A., Chudra, G., Indrajit, E., Dazki, E., & Yohannis, A. (2024). Leveraging Enterprise Architecture to Empower KOMINFO’s Business Core Operations: A PMO Perspective. Sinkron, 8(3), 1272–1285. https://doi.org/10.33395/sinkron.v8i3.13656

Rahman, A., Indrajit, E., Unggul, A., & Dazki, E. (2024). Implementation of Zero Trust Security in MSME Enterprise Architecture: Challenges and Solutions. Jurnal Dan Penelitian Teknik Informatika, 8(3), 2077–2087. https://doi.org/10.33395/sinkron.v8i3.13949

Ranjan, P., Khunger, A., Batchu, C., Venkata, V., & Dahiya, S. (2022). Threat Modeling and Risk Assessment of APIs in Fintech Applications. 2(2), 44–61. https://doi.org/10.56472/25832646/JETA-V2I2P108

Samira, Z., Weldegeorgise, Y. W., Osundare, O. S., Ekpobimi, H. O., Kandekere, R. C., Researcher, I., & Texas, D. (2024). API management and cloud integration model for SMEs.

Sorongan, F. A., Legowo, M. B., & Subanidja, S. (2023). Model of Banking and Fintech Collaboration in Indonesia : Present and Future Challenges. 6(08), 1–10.

Subramanian, N., & Jeyaraj, A. (2018). Recent security challenges in cloud computing. Computers and Electrical Engineering, 71(July 2017), 28–42. https://doi.org/10.1016/j.compeleceng.2018.06.006

Utomo, B. C., & Rahman, A. A. (2024). Analisis Kesadaran Keamanan Data Pribadi pada Pengguna E-Wallet DANA. Jurnal Riset Sains Dan Teknologi, 8(2), 155–166.

Zulfa Qur’anisa, Mira Herawati, Lisvi Lisvi, Melinda Helmalia Putri, & O. Feriyanto. (2024). Peran Fintech Dalam Meningkatkan Akses Keuangan Di Era Digital. GEMILANG: Jurnal Manajemen Dan Akuntansi, 4(3), 99–114. https://doi.org/10.56910/gemilang.v4i3.1573

Downloads


Crossmark Updates

How to Cite

Sitorus, R. S., Hutagaol, B. J., & Simanjuntak, D. M. (2025). Capability-Based API Gateway Technology Selection Analysis for Banking Cybersecurity Solution Using AHP Method. Sinkron : Jurnal Dan Penelitian Teknik Informatika, 9(1), 338-347. https://doi.org/10.33395/sinkron.v9i1.14328