This is Fintech

Assessing Application Security for a FinTech Start-up

Business Requirement

The business requirement was to conduct an application security review within a UK-based FinTech start-up. The objective was to assess the current state of application security, identify any deficiencies and vulnerabilities, and offer actionable recommendations for improvement.

Nuage Solution

To fulfil the FinTech's requirement for an application security review, Nuage's security expert took a comprehensive approach to assessing the organization's information security maturity. The first step was an application security review using a grey box penetration testing approach. An information-gathering phase was organized to examine the application architecture and security implementation.

Nuage conducted network scanning and vulnerability analysis to identify any weaknesses or vulnerabilities. Upon discovering potential vulnerabilities, Nuage focused on exploitation and remediation to gain a comprehensive understanding of the risks and devise effective strategies for addressing them.

Specific tests that helped in addressing the key areas of concern are:

Broken Authentication

To identify any vulnerabilities that could lead to authentication bypass, allowing unauthorized access to sensitive areas of the application.

Authorization

This involved examining unauthorized access attempts and assessing the implementation of appropriate authorization controls. Additional tests were run to detect vulnerabilities related to access control, including the potential risk of privilege escalation.

Business Logic Testing

Nuage performed a comprehensive business logic test to evaluate the application’s functionality and identify any flaws that attackers could exploit.

API Testing

To ensure the APIs were protected against common API vulnerabilities, including injection attacks, unauthorized access, and improper input validation.

Input Injection

Nuage tested for various types of input injection vulnerabilities to identify potential weaknesses in the application's input validation and processing mechanisms.

Session Management

The security of session management was evaluated to verify that sessions were adequately protected against session hijacking or fixation attacks.

Weak Cryptography

Nuage performed weak cipher scans to identify any vulnerabilities in the SSL/TLS configuration and assess the overall security of the encryption.

Client-Side Testing

Nuage conducted client-side testing aimed at preventing attacks and unauthorized access to sensitive resources and at ensuring data protection.

Tools used
  • Burp Suite
  • ZAP
  • Nmap
  • Nessus
  • Nikto

For more such analysis and insights, see https://nuagebiz.tech/case-studies/

For more details and personalized assistance, reach out to info@nuagebiz.tech


Business to business cross currency payment platform

Business Requirement

The requirement was to develop an application that allowed for business-to-business foreign currency and same-currency payments.

Our client is a UK-based FinTech start-up that aims to streamline the process of moving money around the world for businesses. The primary objective is to minimize the friction and cost of payments – same currency and across currencies. 

Nuage Solution 

Working closely with the client, our team of experts developed a web-based solution consisting of two applications: one for the back-end and one for the customer.

The back-end application included customer set-up, user set-up with customizable roles, and currency and rules set-up, along with the ability to perform treasury operations such as transaction monitoring and limits management.

The customer portal allows the corporate user to manage other users (based on role), create currency exchange or payment transactions, and view balances and transactions by currency. The payments follow the 4-eye principle. The portal also allows users to view and download reports.

For payments, the system supports AML checks and virtual accounts in multiple currencies for receiving payments.

The first release went live within 3 months of Nuage starting the work.

Technology Stack

Frontend: Angular 

Backend: Python 

Database: Postgres

Host server: AWS Cloud 


Store App for Gold and Currency Sale-Purchase

Business requirements: 

A retailer based in Southeast Asia required an application for use at the shop counter. Staff would use the application to record customer transactions such as deposits of money, gold, and collateral, as well as the corresponding withdrawal transactions. One of the major requirements was for the application to integrate with the retailer's existing legacy Sun system through APIs.
 

Nuage Solution: 

Nuage developed a browser-based counter application. The application is customizable to cater to the needs of different countries and regions. The admin has options to define masters such as:

  • Roles and permissions 
  • Products by Brand and supported measurement units e.g., ounce and grams for gold 
  • Banks 
  • Currencies 

Users must log into the system before accessing the application, and any actions taken by the user are recorded in audit logs that can be monitored by the admin. We prioritized security and data integration by ensuring that all access to the system is encrypted through HTTPS. Our system is equipped to handle multiple currencies and countries. Since each country has its own system for handling gold products and transactions, we designed the system so that the admin can easily configure the application to meet their specific needs without requiring any technical expertise.

For transaction receipts, we integrated a complete email notification system; receipts can also be downloaded in PDF format, or a list of transactions in Excel format. Reporting is one of the major aspects: we built a customized system in which the admin or platform user can check all transactions by setting different filters and view the same data in tabular form or as graphical representations such as pie charts, bar charts, and line charts. Additionally, users have the option to export the reports as an Excel file or send them via email.

Technology Stack

  • Frontend: Angular 13, CSS 5, JavaScript
  • Backend: .NET APIs, Swagger
  • Database: Postgres 
