Mobile wallet security - mindtree.com



Post on 12-Aug-2020


Overview

Online and wallet payments are the norm of the day. Over 2.1 billion consumers use wallet payments worldwide. This makes them a lucrative target for hackers seeking access to users' critical personal and financial data. So, for one of the fastest-growing mobile wallet providers in Europe, the most important business priority was to ensure the security of its 1.5+ million users.

Challenge

The client handled over 3 million transactions per month from over 750,000 daily active users. It has API connections to some of the largest banks and payment card issuers of the world (as shown in the flow diagram). Therefore, any compromise in its mobile platform could cause business impairment of major financial clients. The company required application security checks and adherence to PCI security standards to ensure business continuance.

Solution

Wallet use for commercial transactions is estimated to cross $7 trillion by 2024. Whenever a consumer signs up for a wallet service, they have to provide their sensitive personal information (SPI) for verification, which is stored in the provider’s ecosystem. These databases are further connected to various ecommerce or company portals through an API. Targeted hacking into these databases and connections can allow hackers to gain access to all the information and manipulate data as required.

To avoid such an incident, Mindtree offered its Hacking-as-a-Service and Application Security services to the client. Proactive testing scenarios were created to find hidden vulnerabilities present in the system. Compliance-based attack vectors were created for penetration testing. The vulnerability assessment revealed over 20 critical problems that plagued the system and exposed financial data. Mindtree also analyzed the database and mobile application platform and uncovered encryption issues that made the transaction data readable to a third party.

Mindtree created customized mobile application security and database encryption rules to meet the client’s requirements. Further, secure coding rules were implemented to ensure security at every stage of future development and testing scenarios.

The company’s SAST workflows were also optimized and automated to make them more robust:

Impact

The potential impact covered the entire user database (over 1.5 million users). All sensitive data was secured and advanced security standards were implemented.

Mindtree helps fortify the mobile payment platform for one of the fastest-growing digital wallet providers


Mindtree [NSE: MINDTREE] is a global technology consulting and services company, helping enterprises marry scale with agility to achieve competitive advantage. “Born digital,” in 1999 and now a Larsen & Toubro Group Company, Mindtree applies its deep domain knowledge to 300+ enterprise client engagements to break down silos, make sense of digital complexity and bring new initiatives to market faster. We enable IT to move at the speed of business, leveraging emerging technologies and the efficiencies of Continuous Delivery to spur business innovation. Operating in 18 countries and over 40 offices across the world, we’re consistently regarded as one of the best places to work, embodied every day by our winning culture made up of over 21,000 entrepreneurial, collaborative and dedicated “Mindtree Minds.”


Business Scenario Diagram