Finder helps secure the Internet in a time of crisis
- 27 March, 2020 11:43
Finder has released a solution for secure online identity verification for banking details in its new app, a very timely solution given the current necessity for Australians to self isolate.
With the COVID-19 pandemic pushing Australia to the edge of a recession, more Australians will be looking online to see how they can find better deals to save money and reduce unnecessary spending. As more people go online, there becomes a greater risk of Australians being attacked by cyber criminals and having their personal information compromised, Finder said.
With 2.6 million unique monthly visitors, Finder wanted to reinvent its membership program back in 2018. While Finder’s existing model wasn’t broken, it saw an opportunity to better serve users by leading the development of the Finder app, which aims to connect users’ bank accounts to track their spending habits and identify where they could save by switching products.
To do this, Finder needed a robust security solution that would keep users’ financial data secure.
The Finder app is designed to find members better deals for credit cards, home loans, savings accounts and health insurance. It does this by linking users financial data for analysis across thousands of financial products and notifies them of potential savings across those four main categories.
As Australia enters a new open data sharing landscape with Open Banking just around the corner, there is also a growing requirement for companies to be proactive in sourcing robust security solutions to maintain customer trust and loyalty when dealing with private details, such as email addresses, phone numbers, banking details and credit scores. COVID-19 has brought this need for remote security to the forefront even more.
Using multiple user systems, including a main website service and credit score service, meant Finder needed a solution that utilised a number of features to improve user data security and to consolidate several stores of user data into one unified system.
Finder chief product and technology officer, Joe Waller, said the aim was a ‘defence in-depth’ security strategy.
“If you've somehow gotten through the castle walls, we don’t necessarily assume that just because you’re inside, you’re allowed to be inside. It’s safer to keep running additional checks, and so we continue to re-authenticate users," he said.
“Trying to build out authentication ourselves would divert all of the hundreds of engineers that we have working on key products and features for our members.
"We wanted to reduce the potential attack surface, and consolidating our member data into a single, secure system was the best approach. When our users provide us with membership and financial information, they are placing a level of trust in us, and it’s important that we honour that trust."
When Finder began moving towards a microservices architecture and building their app, the company sought out an authentication provider that could provide strong security. Once the decision to use Auth0 was made, Finder started to migrate hundreds of thousands of user accounts to the new system.
The Finder app launched in mid-March, with plans to roll it out in the UK and the US. Within the first week of launching, the group received 10,000 downloads of the new app. With this many downloads comes the need for a robust platform that secures and authenticates personal information continuously, to prevent fraudulent activity and identity theft.
One of the security features Finder uses is anomaly detection. It prevents malicious attempts to access the website or the Mobile application as well as block further login attempts.
Finder further secures data by fully integrating Auth0 into their membership flow, with tokens refreshing regularly. This continuous authentication strengthens the walls of Finder’s data fortress.
“For me, a secure member platform is a license to innovate safely and securely. Without a solid member platform that’s secure, we wouldn’t be able to innovate as quickly as we do. Any future work that we create, we make from eligibility programs or membership data which Auth0 has made possible,” Waller added.
Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.