Properly designing and securing your Web services application is important, and it's not just a matter of using security standards. Developers must understand both the limitations and drawbacks to security standards in order to fully secure their Web services. In this article, we outline the role of security standards in Web services development. We then look at each of these three pitfalls in detail. Finally, we provide some suggestions on how to address standards-based security in a Web application