Application Security2020-12-04T14:13:50+00:00
digipay_digital_transaction

DigiPay: A foolproof platform for digital transactions

Request a Demo

Enjoy DigiPay’s faultless security with full compliance

Offering advanced security is DigiPay’s top-most priority and that’s why our solution is compliant with various security requirements and regulations.

digipay_faultless_security

  • PCI DSS

    We are certified with Level 1 of PCI merchant. Routine audits eliminate chances of storing sensitive data.

  • GDPR

    DigiPay is completely compliant with the latest data protection regulation. We use data only for payment necessities.

  • DSP2

    DigiPay’s close collaboration with local regulators and our European banking licence ensure DSP2 compliance.

What does DigiPay’s advanced security system offers?

DigiPay has an exclusive and advanced security system that protects data the moment it enters our system. Below are the few of DigiPay’s advanced security system’s offerings.

Secure bank account

Funds are held on our escrow account to ensure their availability while relieving you of the associated regulatory burden.

Internal scans

Regular checks by our specialists and penetration tests by certified auditors ensure our compliance with banking standards and regulation.

Tokenised card data

Payment data is encrypted to ensure that payment details may be kept for future use in a secure environment.

Authenticated API calls

We ensure that all the API calls are authenticated with our advanced and secure military-grade encryptions.

Application Security

DigiPay.Guru platform supports and utilizes unique user IDs along with secure authentication for all kind of access whether it’s administrative access or access to service authentication data. Secure authentication is imposed to all the accounts generated and managed by application.

Login and password management

DigiPay.Guru platform assigns unique IDs for all the user accounts. It enforces the process of login and management for various interfaces through completion of installation and also for each subsequent change that is made after installation.

Secure preference library

The Secure Preferences library uses the AES algorithm which randomly generates encryption key during the first instantiation of “Secure Preferences” in the application. The key encrypts the key-value pairs which are then encoded with base64 algorithm.

Avoid reverse engineering proof with Proguard

Proguard makes it difficult to read your codes while decompiling. This command line tool shrinks, optimizes, and obfuscates codes even the pre-verified ones. These steps makes the codebase compact, and efficient thus making it difficult to reverse engineer an application

Restricting privileges with group access management

The DigiPay.Guru platform also comes with User Access Management which restricts the access to required resources or functions along with enforcing the least privileges for the built-in accounts.

Audit Trail

The admin offers a comprehensive audit trail of all the activities on the system. The system tracks and logs all the activities that are performed by each user and the admin. DigiPay.Guru provides you with automated audit trails for the reconstruction of several events.

Log files maintenance

Saving database server’s logout output is better than completely discarding it. However, the large volumes of these data slow down the server. You can rotate the log files so that the new log files are added and the old ones are replaced after a reasonable period.

Securing data transmission

DigiPay.Guru comes with a robust AES encryption method that secures data exchange in every transaction that takes place between ‘Administration Application’ (Server) and ‘Service Distribution Application’ (Client). The AES encryption ensures high security of Sensitive Authentication Data which is used for each transaction.

Key Generation for Application User

In DigiPay, AES key is generated for every application that uses unique identification of user and the MSISDN & OTP. All the data exchange taking place between the server application and client after that are then encrypted using shared AES key.

Network Security with VPN and HTTPS

DigiPay.Guru has established HTTPS and VPN tunnel for secure communication with the API Client based application. RSA tunnel is used for communication with mobile devices. Similarly, HTTPS protocol is used for communication with Web portals.

Key Protection

Digipay.Guru shields the Symmetric AES keys by storing them in HSM. Encryption keys are changed for keys after once a definite amount of cipher-text are produced by a given key. Keys are replaced by destructing and archiving to maintain the integrity of weak keys.

Securing data with SHA algorithm

DigiPay.Guru uses SHA algorithms for the process of verifying the data integrity stored at the database level. This method compares the message digests which are calculated before and after the transmission. If the results don’t match then the server simply rejects the data.

SHA-256 Hashing

SHA-256 performs hashing function in which it converts the text of any length into the string of 256 bits. This algorithm can manage data string of any size and render a hash which is almost impossible to predict thus making it a reliable means of securing data.

Periodic Data backup

The DigiPay.Guru uses the REST API which makes the server communication easier. It also takes backup of all the transactions that takes place via the platform. This backup facilitates the user to view past transactions quickly. Moreover, it also helps the admin to make reports.

Components of the agency banking ecosystem

Agency banking consists of many participants that are involved in achieving a common goal. Below mentioned are all the participants that are a part of the agency banking ecosystem.

Regulatory compliance

DigiPay’s agent banking solution comes with all the major regulatory compliances like GDPR and PCI-DSS.

Agent network

DigiPay enables you to manage hierarchy, commission structures, and reconciliation of the agent network.

Adaptation

DigiPay’s agent banking solution is easily adaptable to the functionalities of the central banking system.

Use cases

DigiPay’s agent banking solution comes with multiple use cases like KYC, cash withdrawal/deposit, loan, insurance, etc.

Security

DigiPay’s agent banking solution employs advanced security parameters like 3DES security, SHA1, and bcrypt hashing.

Customer acquisition

The NFC integrated Digipay solution offers a highly secured communication protocol that facilitates contactless

Our success stories

DigiPay has successfully delivered numerous top-notch digital wallet solutions to its clients from all over the world. Get a glimpse of a few of our success stories from here.

DigiPay helps its client to become a leading FinTech firm in the Philippines

We recently helped one of our clients which is a FinTech start-up company that was established in early 2019 in BGC, Taguig. They wanted to start their business in e-money, electronic payment, financial services, and all other related businesses.

Read their story

DigiPay creates a user-friendly e-wallet for our client in South Africa

DigiPay helped its client based in South Africa to come up with their own digital payment application. In recent years, the mobile payment industry in South Africa has boomed.

Read their story

Ask us anything or just say hi...

Get a live demo

Fill all your details in the form and one of our business consultant will get in touch you within 24 hours.