Early Indicators Demonstrate that CSIO’s Commercial Lines Data Standards are Gaining Momentum
(Toronto – November 15, 2023) CSIO is pleased to advise brokers actively using its Commercial Lines (CL) Data Standards, which have the CL Minimum Data Set (MDS), have reported their average quote response time from insurers has decreased from days to an average of 14 seconds.
When insurers and vendors program the required data points for quoting and binding commercial lines risks in their systems using CL Data Standards, it allows brokers to exchange data in a simple, structured format directly from their broker management system (BMS) to the insurer’s system through an Application Programming Interface (API).
To ensure the industry implemented API security best practices, CSIO worked with security architects and implementation specialists from CSIO member companies (Aviva Canada, Applied Systems, Definity Financial, Intact Insurance, Northbridge Insurance, Travelers Canada and The Wawanesa Mutual Insurance Company) to develop an industry API Security Standard. Several API Working Group sessions were held in order to gain a comprehensive understanding of industry API security considerations and implementation practices along with pain points related to specific business workflows.
CSIO developed API security guidelines and recommendations that incorporated the following key areas:
Confidentiality of Data
API endpoint security
Security logging and monitoring
Security testing
Identity
Authentication
Authorization
Access control
The published API Security Standard was developed based on:
Industry best practice recommendation (e.g. OWASP API Top 10) for API Security
Aligning to the requirements of CSIO and the API Security Working Group with respect to future plans and their applicability around security elements, such as the types of protocols, identity, and authentication framework for APIs.
The API Security Standard addresses security concerns relating to specific protocols, including OAuth 2.1 and recommendations for mitigating these concerns. The published Standard is forward-thinking and helps inform the insurance community on ways to better protect their environments.
In its new Commercial Lines product offering, Applied Systems has developed solutions in alignment with CSIO’s API Security Standard. Brokers can be confident that their data remains confidential and secure when leveraging Applied’s CL MDS through the API workflow, with the knowledge that data is securely transferred for the purpose of completing that transaction only and is not shared outside of that use.
About Centre for Study of Insurance Operations (CSIO)
CSIO is Canada’s industry technology association of property and casualty insurers, vendors and over 38,000 brokers. CSIO is committed to driving innovative solutions that enable the best insurance experience in Canada by overseeing the development, implementation, and maintenance of technology Standards and solutions, such as eDocs, My Proof of Insurance, and eSignatures. In addition, CSIO operates the industry-owned mail network service. The CSIO XML Standard is licensed to CSIO by ACORD (Association for Cooperative Operations Research and Development). For more information, visit csio.com.
For further information, please contact:
Debbie Vassos, BBA, CDMP | Manager, Marketing & Communications
110 Yonge Street, Suite 500 | Toronto, ON M5C 1T4
(416) 360-1773 x 1721 | 1 (800) 463-2746 x 1721
dvassos@csio.com | www.csio.com