# Difference between v3 and v4 The diagram below highlights the end to end flow of v4 APIs with key changes:\ \ ![](https://api.singpass.gov.sg/assets/api-lib/myinfo/img/v4/myinfo-v4-flow.png) Myinfo v4 APIs bring about improved security posture, standards and features. For the comprehensive list of changes, refer to our [API Specs Release notes](https://public.cloud.myinfo.gov.sg/myinfo/api/myinfo-kyc-v4.0.html). | v3 | v4 | Justification | | ----------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | | - | Proof of Key Code Exchange (PKCE) (Reference : [PKCE](https://api.singpass.gov.sg/library/myinfo/developers/pkce)) | Improve security posture between /authorize and /token by protecting against authcode injection | | X.509 Certificate public keys | JSON Web Key Store (JWKS) (Reference : [JWKS](https://api.singpass.gov.sg/library/myinfo/developers/jwks)) | Enable minimal disruption on key rotations | | PKI Base string signing | Client Assertions (Reference : [Client Assertions](https://api.singpass.gov.sg/library/myinfo/developers/clientassertion)) | Alignment to international standards | | - | Demonstration of Proof-of-Possesion (DPoP) (Reference : [DPoP](https://api.singpass.gov.sg/library/myinfo/developers/dpop)) | Improve security posture between /token and /person by proving legitimacy of possession for access token before data can be released |