Security Fintech

Transcript

1. Security Fintech

2. Hello! Saya Yahya F. Al Fatih 7 years experience in

   bank infrastructure pentest 5 years experience in government infrastructure pentest Wawadukan organization Development Operation at Crowde 2

3. 3 Finance (?)

4. 4 Middleman Tax Bank Credit Jual Beli Pre order Crowdfunding

5. Kelebihan - Sistem yang mapan - General Data Protection Regulation

   - Fraud Refund Traditional Banking System Kekurangan - Mampu untuk di manipulasi - Tidak Transparan - Bank fees 5

6. 6

7. 7

8. 8 Financial + Technology Cyber Security

9. Why FinTech Infographic lebih jelas dapat di akses ke http://fintechranking.com/2016/08/04/infographics-global-fintech-l

   andscape/ 9

10. Crypto/ Digital currency The Awesome of people currency!!!!! 10

11. Blockchain Kekurangan - Banyak yang tidak menerima - Tidak didukung

    pemerintah - 51% real threat attack - revert fraud transaction 11 Kelebihan - Trust less - Transaksi Murah - Bebas dari manipulasi - No middleman

12. “ Bitcoin have a potential to replace 'national currency' into

    'people currency' 12 https://www.forbes.com/sites/panosmourdoukoutas/2017/09/14/why-big-banks-attacked-bitcoin/

13. 13

14. From nothing to something - ICO - Market Bubble 14

15. “ Digital curreny is a 'fraud' and a tulip bulb

    15

16. Blockchain Vulnerability (potential) 16 1. User attack 2. Tracing coin

    history 3. DoS attack 4. Packet Sniffing 5. Illegal Content 6. Energy Consumption 7. CVE (?)

17. 17

18. 18

19. Online Payment No Cash, No Problem 19

20. Kemudahan Online Payment - Tanpa ngantri - Cashless - Phone

    as wallet - Pembayaran Cepat 20

21. Apakah aman menggunakan online payment ? - Security end-point -

    Data Encryption - Semakin aman = tidak menjamin cepat 21

22. 22

23. Startup Fintech By the people for people 23

24. 24

25. Cyber Security Semua Teknologi membutuhkan keamanan, apalagi hubungannya dengan financial

    25

26. - 2 factor authentication - Password new Standard (NIST) -

    Never click on links in emails - Pay close attention to website URLs - Be suspicious of unknown links or requests sent through email or text message - Guide : https://medium.com/@nickrosener/an-in-depth-guide-t o-personal-cybersecurity-be98ba47c968?source=book marks---------12---------------- - https://www.dhs.gov/how-do-i/protect-myself-cyber-att acks Personal Security 26

27. Worst Incident - Equifax - Hacked account 27

28. - Cara paling ampuh untuk menyimpan secret key ke dalam

    aplikasi adalah dengan cara tidak menyimpan secret key ke dalam aplikasi - Hilangkan pemikiran CyberSecurity Dark Age - Immune System =/= Secure System - Please no Default dude! - Paham Teknologi Security - Developer Security Guidelines (https://simplesecurity.sensedeep.com/web-developer-se curity-checklist-f2e4f43c9c56) Security for Developer 28

29. Worst Incident - Leaked Database 29

30. Apakah Machine Learning dan A.I. akan memecahkan semua Masalah ?

    30

31. 31 Long Story Short Secure isn’t about perfect, but it’s

    something

32. 32 Thanks! Any questions? Find me at [email protected] and k1m0ch1.github.io