Leading Fin-Tech platform performs Application security testing for secure payment

Industry

Fin-Tech

Services

Security Testing

Client Overview

A leading Dubai-based Fin-Tech organization specializing in B2B transaction and Merchant based payment system.

Problem Statement

  • To enable a secure and fast online transaction.
  • To securely manage merchant-based payment system.
  • To maintain secure transactions through e-Wallet.
  • To establish secure EMI-based e-Payment.
  • Implement strong password policies to avoid insecure password transmission and storage.
  • Check the integrity of third-party vendors.

Tech Stack

Solution Approach

  • Upon manual and automated analysis of the target, we found out that there are multiple vulnerabilities present in the payment gateway service, Merchant management system as well as few third-party vendors.
  • Properly detailed reports were given along with the recommendation. 
  • Few other things to consider:
    • Perform proper VAPT assessment before deployment of new services.
    • Secure coding guidelines have to be followed.

Benefits

Upon manual and automated analysis of the target, we managed to find 3 critical, 9 high, 11 medium, and 4 low severity issues.

Our team has given a recommendation along with the proof of concepts of the vulnerabilities.

Our security team has managed to find few a business logic vulnerabilities that can cause a huge amount of financial loss and an attacker can be able to pay someone without paying the actual amount.

We have identified that few sensitive endpoints didn’t have any proper access control mechanism and attackers can use those endpoints to gain bank details, user email, and other PII data.

Connect with Us

Highlights

Security of The EMI-based e-Payment is a secure and easy option for customers as it provides hassle-free EMI payment.
The transaction process is much more reliable and offers secure, fast B2B transactions.

Latest Case Studies

View More

Get In Touch
With Us

We're all ears and eager to discuss your testing needs!

Crafting the best testing strategy for your product starts here.