In today's hyper-competitive banking landscape, digital transformation has emerged as a pivotal element for financial institutions. Digital services not only augment the overall customer experience but, to end-users, are often deemed as, if not more, vital than the services themselves.
Yet, the onus of data security in the banking sector is notably more pronounced than in many other industries. Beyond just adhering to an array of legislative mandates, banking is particularly susceptible to a spectrum of cyber threats, ranging from DoS and phishing attacks to malware and spear-phishing exploits.
Historically, many financial establishments held reservations about the cloud's security robustness in banking scenarios. However, contemporary sentiments starkly contrast these past apprehensions.
"The misconception that cloud adoption in the banking sector compromises security is merely a myth. Equipped with the right tools, specialized expertise, and meticulous configurations, cloud computing can indeed forge a fortified environment, completely compliant with legislative prerequisites. By harnessing the cloud's multifaceted benefits, banks can not only innovate with agility but also align seamlessly with evolving industry dynamics."
Václav Hrach, Azure Specialist, LinkSoft
Driven by a commitment to innovation and enhancing client experiences, we conceptualized a cloud-native chat-assisted customer service solution for a forward-thinking financial institution.
This assisted chat feature was envisioned to facilitate customers in seamlessly connecting with an operator during form completion. The inclusion of screen sharing ensures that assistance is rendered in real-time.
With the bank's existing services leveraging cloud capabilities, a salient objective was to architect the assisted chat as a quintessential cloud-native solution, rooted in Microsoft Azure.
"Our solution empowers bank clients to activate a widget during form processes, instantly connecting them to a phone representative. This representative, via the system, generates and shares a unique code with the client. Upon its entry, clients can securely collaborate on-screen, culminating in the successful completion of loan applications under guided supervision."
Václav Hrach, Azure Specialist, LinkSoft
This PoC is intricately divided into three core segments: the API backend, an operator-centric web interface, and a public website widget:
The solution's formidable security framework, bolstered by Key Vault, Azure Frontdoor, and a comprehensive architectural blueprint, has been meticulously vetted through exhaustive bank-conducted penetration assessments, underscoring its compliance with all security legislations.
"Platforms like MS Azure are adeptly engineered to curate precise policies, ensuring clients meet all legislative benchmarks. As an exemplar, the Frontdoor service, a potent Content Delivery Network with WAF (Web Application Firewall) integration, inherently aligns with the OWASP Top 10 criteria, safeguarding web applications against the decade's most perilous security menaces."
Václav Hrach, Azure Specialist, LinkSoft
The API Backend is deftly configured for user (operator) authentication against Azure AD, pulling essential user-centric data.
The backend seamlessly integrates with ACS, proficient in call creation and ID retrieval for these newly instantiated calls.
The backend is tethered to Azure Cosmos DB, storing pivotal call metadata - call IDs, PINs, operator identities, and potential audit metrics.
Configured to harness Key Vault, the backend utilizes it as a secure repository for sensitive credentials, including database connection strings.
