Transcript
00:00:00 - Introduction
The session opened with a personal anecdote that set the tone for a deeper conversation about digital security. The speaker shared a moment with his young son, who innocently asked why banks still need safes if all the money is now inside apps. This simple question highlighted the complexity of modern banking security. Unlike the physical safes of the past, today’s banks rely on layers of digital protection—what the speaker described as “many, many steel doors.” While infrastructure and cloud security are critical, the real vulnerabilities often lie at the application level, where attackers exploit users and digital interfaces rather than physical systems.
The speaker emphasized that platform security is a shared responsibility and a core focus at ebankIT. Their approach includes secure coding practices, identity-first access, and maintaining user trust throughout the digital journey. He acknowledged that no system is perfect, which is why ebankIT partners with top-tier security providers and follows rigorous standards, including ISO 27001, SOC 2 Type 2, and CMMI-DEV Level 2 certifications. Their development process incorporates secure coding playbooks and automated testing tools from major providers like Microsoft, Google, and Apple.
With 65 live customer instances, the platform is continuously tested and validated in real-world environments. Despite all precautions, incidents can still occur—but when they do, the response is swift and all-encompassing, involving everyone from senior developers to board members. This culture of accountability and urgency, the speaker noted, is something truly unique to ebankIT.
00:05:00 - Key security features
The speaker continued by outlining several key security features built into the ebankIT platform, emphasizing that while the list wasn’t exhaustive, it demonstrated the platform’s layered approach to protection. For example, users can manage trusted devices—revoking access from old phones—and receive security alerts when sensitive actions occur, such as password changes or new device logins. Even personalization was framed as a security feature, making apps harder to clone by tailoring layouts and widgets to individual users.
The platform also supports adaptive authentication flows, where risk engines can trigger additional verification steps if a transaction is initiated from an unusual location or device. For both retail and corporate users, the system includes configurable limits, entitlements, and approval workflows. The Command Centre adds another layer of oversight, allowing banks to monitor failed transactions and alert relevant teams in real time.
Importantly, ebankIT doesn’t aim to cover every aspect of security alone. Instead, it integrates with a wide range of external partners—from AML and fraud detection to risk scoring—while remaining flexible enough to support a bank’s preferred vendors.
In closing, the speaker stressed that security is not a one-time purchase, but an ongoing process that must be embedded in every product release and business decision. ebankIT is committed to this long-term vision, working closely with customers and partners to deliver secure, resilient digital banking experiences.
%20without%20SAM%20-%20Maturity%20Level%20-%202-KO%20edit.webp?width=160&height=57&name=67768-ebankIT%20Platform%20-%20CMMI%20Development%20V2.0%20(CMMI-DEV)%20without%20SAM%20-%20Maturity%20Level%20-%202-KO%20edit.webp)
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}