AdvisoryFinancial ServicesClient Story

Providing Security Assurance for a Digital Wallet

A fintech company, sponsored by both a national telecommunications giant and a national bank, turned to Security Compass for a thorough, end-to-end security evaluation of their digital wallet product for assurance that the wallet was secure and conformed to appropriate risk management standards.
Read our other Financial Services Client Stories.

Security assurance for digital wallets
North America
Financial Services, Technology, Telecommunications

Practice Areas
  • Architecture Review and Threat Modelling
  • Source Code Review
  • Mobile Application Security Assessment

Our Client’s Challenge:

  • Our Client had developed a mobile application which was a digital wallet. This application was completed and ready to roll-out for public adoption. However, it had never been reviewed from a security standpoint.
  • The application handled customer sensitive information. There were also high profile partner sponsors whose reputation and customers could be impacted if the application was found to be insecure. For instance, any inadvertent exposure of customer data could cause damage to the sponsor’s brand and have a negative financial impact due to fraud and identity theft.
  • To protect their customers, our Client’s partner sponsor recommended that the mobile wallet security be assessed prior to public roll-out.

Our Approach:

  • Security Compass understood the impacts to our Client if launch of the application was delayed and worked with our Client to balance security with the project timeline. Our familiarity with software security allowed us to perform a coordinated, full evaluation of the digital wallet’s mobile application and infrastructure.
  • In collaboration with our Client, an assessment plan was designed, executed and managed. It included security assessments that balanced our Client’s partner sponsor’s requests, coverage requirements, and tight project timelines.

The Result:

  • Security Compass uncovered critical security vulnerabilities in the design, architecture, and implementation of the wallet and related services. We helped our Client understand the business risks if the application was released into the public immediately.
  • Our Client decided that the critical vulnerabilities identified would have significant impact to customers and decided, with their partner sponsors, to delay the release of the application instead of compromising the security of their end-users.
  • This was the security insight that our Client and their partner sponsors wanted to understand. The assessments helped provide strategic direction and recommendations to improve security of the overall solution, allowing our Client to protect customers and prevent damage to their brand.
As a result of Security Compass’s assessment, our Client and their partner sponsors were able to protect their end-users and prevent irreparable financial and brand damage.

Back to Client Stories

Our Advisory services team has more than a decade of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial seeking support on regulatory compliance and penetration testing activities, or a startup looking for high quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.