Given the central role played by application software in customer-facing and core banking services such as ATM, Deposits, Card Issuance, and Money Transfers, MAXUT offers custom penetration testing and vulnerability assessment services focused on discovering and rectifying back-end applications security flaws – either inherent or through deployments. This service is invaluable to customers who need to combat security risks associated with relatively new online and mobile applications as well as risks from custom web and legacy applications – some of which were developed in an era when security was an after-thought in software development.
Our unique ‘ethical hacking’ testing methodology combines technical ability with the creativity of our team of experienced financial applications and security professionals, to precisely test real life business scenarios that automated testing tools are incapable of.
In addition to application vulnerability testing, MAXUT offers two-factor protection for core banking applications and internal systems that support critical services. Strong authentication is a first step in protecting these services from malicious access by unauthorized external and internal actors and to aid compliance with PCI-DSS and other financial regulations including emerging payment services standards such as PSD2.
With the ubiquity of mobile apps in practically every business interactions the need for trust has never been more important. This is even more true with mobile banking services and financial transactions.
Because mobile apps are susceptible to usual online threats such as financial malwares, web-based banking Trojans and man in the middle attacks, in addition to mobile device-specific vulnerabilities, securing mobile apps has become a critical component of an effective fraud prevention strategy for financial institutions.
Based on DigiPass for Apps, a software development security platform from VASCO Data Security, MAXUT helps customers design, and secure mobile banking apps to protect users from these threats and vulnerabilities. The platform provides a single framework for user authentication, transaction and device protection. We work with your software development teams to port existing apps to the platform or to create new highly secure mobile app. Contact us for more information.
Online and mobile banking are fast becoming the primary methods that customers prefer to interact with their banks. As financial institutions extend their products beyond the traditional banking channels to reach new customers and to offer new payment services, access to sensitive financial information is no longer confined to the four walls of your branch network or to customers in the same city or country: the identities of your customers and employees are the new security perimeters to your bank. Attacks on user credentials range from the simple – such as setting up fake bank websites and emails, or the use of USB key loggers – to more sophisticated phishing and social engineering attacks.
Recent attacks on the infrastructure of financial institutions such as the SWIFT messaging fraud on the Bank of Bangladesh, succeeded after the credentials of bank employees were compromised.
These and other high-profile heists were successful because proving user identities has remained stuck in a time warp defined by user name and password combination. Passwords remain the number one reason why online accounts are compromised and with the increasing adoption of mobile banking, the use of static user passwords or one-time passwords sent in mobile SMS texts for user authentication are no longer tenable.
MAXUT provides two-factor authentication (2FA) and fraud management solutions to address the risks associated with electronic banking, payment services and other financial transactions.
We offer:
Through our partnership with VASCO Data Security NV. a market-leader in fraud & risks management for global financial institutions, we provide best practice project delivery and 24-7 technical support. And as the only regional VASCO premier technical partner, you can be assured of world class implementation across all your bank locations.