Advisory Financial Services Client Story

Providing Security Assurance for a Digital Wallet

A fintech company, sponsored by both a national telecommunications giant and a national bank, turned to Security Compass for a thorough, end-to-end security evaluation of their digital wallet product for assurance that the wallet was secure and conformed to appropriate risk management standards.

North America
Financial Services, Technology, Telecommunications

Practice Areas
  • Architecture Review and Threat Modelling
  • Source Code Review
  • Mobile Application Security Assessment


Our Client’s Challenge:

  • Our Client had developed a mobile application which was a digital wallet. This application was completed and ready to roll-out for public adoption. However, it had never been reviewed from a security standpoint.
  • The application handled customer sensitive information. There were also high profile partner sponsors whose reputation and customers could be impacted if the application was found to be insecure. For instance, any inadvertent exposure of customer data could cause damage to the sponsor’s brand and have a negative financial impact due to fraud and identity theft.
  • To protect their customers, our Client’s partner sponsor recommended that the mobile wallet security be assessed prior to public roll-out.

Our Approach:

  • Security Compass understood the impacts to our Client if launch of the application was delayed and worked with our Client to balance security with the project timeline. Our familiarity with software security allowed us to perform a coordinated, full evaluation of the digital wallet’s mobile application and infrastructure.
  • In collaboration with our Client, an assessment plan was designed, executed and managed. It included security assessments that balanced our Client’s partner sponsor’s requests, coverage requirements, and tight project timelines.

The Result:

  • Security Compass uncovered critical security vulnerabilities in the design, architecture, and implementation of the wallet and related services. We helped our Client understand the business risks if the application was released into the public immediately.
  • Our Client decided that the critical vulnerabilities identified would have significant impact to customers and decided, with their partner sponsors, to delay the release of the application instead of compromising the security of their end-users.
  • This was the security insight that our Client and their partner sponsors wanted to understand. The assessments helped provide strategic direction and recommendations to improve security of the overall solution, allowing our Client to protect customers and prevent damage to their brand.
As a result of Security Compass’s assessment, our Client and their partner sponsors were able to protect their end-users and prevent irreparable financial and brand damage.

Back to Client Stories

Contact Us

You’re different, and we know it.

We are your guide to planning, assessing, and helping you build secure information systems to keep your business productive.

Contact us to find out how we can help you.

 
Mostly
Some of
 
(Choose One)
(All that apply)
Web Search
Online Ad
White Paper
Analyst Report
Trade Show
Worked With Us Elsewhere
Referral
Other

Security Compass Logo