Client:

A leading financial institution and a subsidiary of one of the largest banks in the world. The bank specializes in consumer finance, providing a range of financial services such as personal loans, car loans, credit cards, and mortgages. With a strong presence in numerous European countries, the Bank is committed to delivering customers a seamless and secure banking experience. As part of its digital transformation journey, the bank continuously seeks to adopt innovative solutions to improve user experience, enhance security, and streamline its operations across multiple channels, including online and mobile platforms.

Securing Loan Processes: Strengthening Digital Security & Enhancing Authentication


Security Challenges

The Bank faced several challenges in securing its online cash and installment loan process. During loan application and approval, a significant amount of communication occurred between the customer and the bank, requiring stringent security measures to authenticate and authorize users throughout the entire process. The bank relied on external APIs to obtain critical information about customers, such as bank account history and proof of identity, necessitating proper federation of these external APIs. Additionally, the bank had extensive communication with internal systems that needed to be secure and compatible with modern standards like OAuth 2.0 and OpenID Connect. As a result, the Bank sought a comprehensive solution to address these challenges, ensuring secure communication across all channels, including web and mobile platforms.

Our approach to tackling the client’s challenges

Our approach to addressing the challenges faced by the Bank began with implementing an on-premise Keycloak managed service to centralize and streamline identity and access management. We ensured the security of all communication between the bank’s internal services and customers by leveraging modern standards, such as OAuth 2.0 and OpenID Connect.

To enable seamless integration with the bank’s existing IT solutions, we utilized Keycloak extensions, which allowed for the easy development of connectors between various components. This approach facilitated a smooth and efficient integration process with minimal disruption to existing systems.

We also set up a federation between the bank and external API providers, creating a secure and efficient data exchange system that met the bank’s requirements for secure online cash and installment loans. To further enhance the security of the system, we employed eIDAS-qualified Website Authentication Certificates and Electronic Seals during machine-to-machine authentication and authorization processes.

This comprehensive approach to the Bank’s IAM challenges focused on enhancing security, user experience, and interoperability throughout the loan process. By utilizing Keycloak and adopting the latest industry standards and best practices, we provided a secure and scalable IAM solution tailored to the bank’s specific needs and requirements.

KEY BENEFITS

  1. High configurability: Our solution offered a high level of customization, allowing the bank to easily adapt the IAM system to their specific needs and requirements as they evolve over time.
  2. Consolidation of security mechanisms: By implementing a single, centralized IAM for all loan processes, we simplified the management and maintenance of security protocols, reducing complexity and improving overall security.
  3. Policy Decision Point (PDP) and Policy Enforcement Point (PEP) implementation: By using the Keycloak managed service, we established a unified platform for making access control decisions and enforcing security policies, ensuring consistency and efficiency in access management.
  4. Centralized security policies and identity management: Our solution streamlined the process of managing security policies and user identities across the organization, resulting in better governance and improved security posture.
  5. Enhanced user experience: By consolidating and streamlining the IAM processes, we facilitated a more seamless and secure experience for both internal users and customers, ensuring smooth and efficient access to the bank’s services.

TEAM

1 Project Manager
1 IT Architect
1 IT Analyst
2 Developers
1 IT Tester

DURATION


6 months