Menu
Information you need to know from around the globe

The DANA application has a Security Score Card with an A Nilai

  • Share

The COVID-19 pandemic that has hit since early 2020 has encouraged the adoption of financial technology in the daily lives of Indonesians. On the one hand, the rapid adoption of financial technology in the country faces challenges due to the low level of digital literacy and public trust in data security.

Based on the Indonesian Digital Literacy Index Survey, the digital literacy index in Indonesia is in the medium category with an index score of 3.49. The Digital Culture pillar generally gets the highest index score (3.90), while the Digital Safety pillar gets the lowest index score (3.10).

Meanwhile, WeAreSocial 2022 data shows that public doubts are still high about cyber privacy and security. For example, 36.4% of the public said they still feel anxious if the company uses their personal data.

Even 60.3% of them also cannot distinguish which information is genuine and real on the internet. For this reason, continuous efforts are needed not only in terms of increasing security innovation, but also in education and digital literacy campaigns.

Andri Purnomo, VP Information Security at DANA, said that along with the rapid adoption of digital technology, cyber attacks have also increased. According to the Exabytes website, throughout 2021 alone, every 39 seconds an attack occurs on global internet sites and every 11 seconds the virtual world is flooded with Ransomware.[1].

“According to Verizon’s 2021 Data Breach Investigation Report, the financial aspect is still the dominant motive for these attacks, with two main targets relating to bank accounts and credit cards,” he said at the DANA Tech Talk 2022 event: Enabling Digital Financial Trust with Advanced Security. Technology.

Andri added that crime in the digital world is predicted to remain high this year with the increasingly organized crime committed and the ease of obtaining tools to carry out cyber attacks. On the one hand, the defense system against these attacks is often lagging behind.

“To anticipate various attacks and crimes in order to build public trust in digital finance, DANA has implemented various efforts. Among them, periodic identification in various aspects,” added Andri.

Andri also gave an example that what DANA implemented started from ongoing campaign programs, products, social media, and partners to mitigate the risk of possible threats. DANA is also constantly improving its security system.

Security Score Card A

This is evidenced by the Security Score Card to measure domain security posture from independent assessors, and currently has reached the top rank with an A. Domain security posture is measured from 10 security components and DANA’s current score is above the global industry average.

Fath Ade Surya, VP Risk Management of DANA said, currently DANA has been used by more than 100 million users, 5,000 online merchants, with an average transaction of 7 million transactions per day, involving more than 8,500 IT systems, 200 applications and 300 application programming interfaces (APIs).

DANA is committed to providing a sense of security and maintaining the confidentiality of transactions and user data according to company values, namely Trusted, Friendly, and Accessible. For this reason, DANA applies an integrated Risk Management concept that is supported by Risk Engine technology.

In addition, DANA always builds a risk aware culture for all employees. This is certainly useful so that employees also understand and can recognize various types of risks so that they can jointly maintain and mitigate company risks.

Meanwhile, in terms of user security, DANA has also implemented a zero data sharing policy, using security technology ranging from PINs to face verification technology that was developed by itself, namely DANA VIZ (Visual Identity Authorization), and periodically implements ISO and PCI-DSS standards.

Not to be missed, there is also such a thing as DANA Protection. The DANA Protection policy will guarantee the user’s refund in the event of a failure in the transaction. Because of this, DANA is currently one of the most trusted digital wallet applications for its users.

“DANA believes that security implementation can be created by three factors. First, team competence, second, having modern processes including governance that is consistent both internally and with external parties. And the third is the safe use of the latest technology,” said Andri.

The various steps and efforts of DANA in providing optimal digital transaction protection were also felt by Teguh Aprianto, Cyber ​​Security Researcher & Consultant at DANA Tech Talk. According to him, the verification used for login and payment has been carried out very well.

“Currently, DANA does not only use OTP sent via SMS, but also uses PIN and facial verification. Of course, I can say that this method is quite effective in preventing account seizures which have often occurred recently,” said Teguh.

DANA Tech Talk is a discussion forum for technology activists to discuss the potential of technology and digital wallet innovation in advancing the national digital economy. This activity is held regularly and is expected to be a means of discussion as well as to capture new ideas regarding the use of appropriate technology.

  • Share

Leave a Reply

Your email address will not be published. Required fields are marked *