Security

In our security strategy, we use the international standards, defining the requirements for information security management and risk management. We use only secure communication channels (using SSL certificates), data transmission is encrypted.

OTPs (One time passwords) delivered in SMS are used for accessing the App and transaction authorization.

We use the modern tools for data protection including OWASP list of recommendation:

● SQL Injections
● XSS (Cross Site Scripting) XXE (XML External Entities)
● Insecure Direct Object References
● Using Components with Known Vulnerabilities Unvalidated Redirects and Forwards
● Fault toleran

Our Information Security Tools Provide:

● Virus and hacker threats protection
● Data safety in case of physical loss or damage
● Firewall gateway for inbound traffic
● Uniquely coded short session protects from session replication
● Regular updates protect from new identified vulnerabilities
● System recovery in case of damage
● SSL secure communication channels with additional pre-encryption
● Two-level authentication
● Overall payments monitoring in automatic or manual mode

Additional Features toImprove Security

Managing e-wallet from a static IP-address
Instant notification on a completed transaction via SMS, е-mail, etc

The Key Components to Manage Security:

● User IDs –user’s accounts that can operate in the System
● User registration control includes user IDs’ matching with users’ accounts and with access points
● User accounts – users’ uniqueness control based on the identifiers (email and phone number)
● SUPER ADMIN access – can be used in case of emergency
● Keys – work with secret keys
● Personal data, billing information and customer payment tools storage based on a distributed database
● Each payment tools credentials are tokenized and encrypted