Wallet Factory Security

Security

In our security strategy, we use the international standards, defining the requirements for information security management and risk management. We use only secure communication channels (using SSL certificates), data transmission is encrypted.

OTPs (One time passwords) delivered in SMS are used for accessing the App and transaction authorization.

We use the modern tools for data protection including OWASP list of recommendation:

  • SQL Injections
  • XSS (Cross Site Scripting) XXE (XML External Entities)
  • Insecure Direct Object References
  • Using Components with Known Vulnerabilities Unvalidated Redirects and Forwards
  • Fault toleran

Our Information Security Tools Provide:

Virus and hacker threats protection
Data safety in case of physical loss or damage
Firewall gateway for inbound traffic
Uniquely coded short session protects from session replication
Regular updates protect from new identified vulnerabilities
System recovery in case of damage
SSL secure communication channels with additional pre-encryption
Two-level authentication
Overall payments monitoring in automatic or manual mode

Additional Features to
Improve Security

  • Security Strategy | Wallet Factory - image 1
  • Managing e-wallet from a static
    IP-address
  • Security Strategy | Wallet Factory - image 2
  • Instant notification on a completed
    transaction via SMS, е-mail, etc

The Key Components to Manage Security:

User IDs –user’s accounts that can operate in the System
User registration control includes user IDs’ matching with users’ accounts and with access points
User accounts – users’ uniqueness control based on the identifiers (email and phone number)
SUPER ADMIN access – can be used in case of emergency
Keys - work with secret keys
Personal data, billing information and customer payment tools storage based on a distributed database
Each payment tools credentials are tokenized and encrypted