Context

Phishing attacks and social engineering attempts lately focus on the payout portion of the target organization.

The simplest attacker will trick the payout administrator to wire a large amount of funds to the hijacker’s account spontaneously, while the sophisticated ones will focus on real transactions of real business related deals and take over the payout information, directing it to their account instead of the real business destination.

The responsibility of the lost wire belongs to the payer; hence they would be the type of inactivated customers.

Key features

• Authorize the payout information and provide decision supportive information to the payout administrator,
• The system will neither wire any funds, nor provide “yay or nay” information, rather “green-yellow-red” markers for the transaction information,
• The system stickiness has to be high, so that a paying customer will never leave,
• The system accurateness has to be high, so that the prospects (payees) will become customers themselves (payers).

Challenge

At first, it was agreed to develop a serverless compute service (AWS Lambda). A long time was spent on research and pondering over it as the developers had no experience with that function.

Solution

As the client needed a working product fast and later on other versions would have been developed it was decided to develop a working MVP with simple Node JS.

Development Process

We started working on the design before deciding whether to proceed with AWS Lambada or just Node JS. As there was a decision the screens were ready waiting for API integration.

Results

The product is still in the acquisition and development period with more and more investors getting interested in it.