top of page
Image by Nathan Dumlao

SECURITY PACKAGE FINTECH APPLICATION

Zetta came here with a practical solution for the banking corporation to improve the security of the banking application by developing software for identity identification.

INITIAL CASE

This so-called security package consisted of a major update of a banking application known today. Our main goal in this project is to improve the security of the regular user on the application, as well as the application itself and the infrastructure behind it. The actual challenge is how we can assemble and implement it efficiently so that it is not too complex and make the application difficult to access. In this way, we preserve the fluidity of the entire process of inspecting the account, transmitting sums of funds, and other affiliated processes of a banking application.

ZETTA SOLUTION

Our fix was relatively simple, as we explored all possible procedures to secure access to certain processes, as well as perfected and enhanced the whole infrastructure of the banking application. Thus, we cataloged the most efficient, but also the easiest verification processes for a regular user, and here we discovered 3 very efficient measures, as they are used together properly.

Improvements to the internal system and infrastructure

  1. Changing the method of encrypting data and changing the protocol for sending & receiving information to the database, here it should be mentioned that they have updated some database security packages.
     

  2. Obsufication and information encryption methods have been added to the internal storage space as well as the cache and an added AI data correction system.

Securing identity verification

  1. ​The first procedure, which seemed to us the most elegant and one of the most effective, was the use of a system for investigating user behavior. This system effectively analyzes how those users proceed to perform certain operations, we analyze from the execution time for each mini process, where it is at that time when it opens the application and performs the operations, the time interval when utilizing the app, for example checking balance, including when sending funds or spending for particular services we set up a model, so when the user purchases something that could be very distinguishable from that previously investigated model, we stop it or moderate with another measure of identity confirmation.
     

  2. Another method of checking each essential process was to ask the user to validate their account access using their fingerprint or face. We have chosen this method, even though we often know that if the phone is compromised this check can be easily passed, because it has a pleasant character and the user can easily authenticate, in over 98% of cases being sufficient to secure the account.
     

  3. This security measure may seem trivial, but it helps a lot of enterprise users and those who use the app very often. The protection layer brought was to introduce a method to vigorously verify and validate to whom the money is sent, what is the purpose, and to understand if the location where that money will end up is safe. This way we passively avoid all cases of fraud and come up with some more rigorous settings related to how much money is sent, warning the user that the AI system suggests that action seems unsafe or fraudulent.

STATISTICS

Below you have illustrated the total improvements made to the entire application, improvements related to the user's condition to the decrease of the company's expenses by implementing the security package.

User Safety Status Graph
bottom of page