sb-as logo
Story image

Thales boost security for Kakao, Korea's 'digital only' bank

19 Sep 2017

South Korean digital-only bank Kakao Bank has deployed Thales security technologies as part of its efforts to boost the foundation of its banking systems.

The bank opened in July and according to reports,  more than one million users signed up in the space of five days.

Thales is deploying its nShield hardware security modules, which are FIPS 140-2 Level 3 certified. The company says they can deliver key management, data encryption and mobile user authentication.

Thales says that Kakao’s financial services are conducted solely through its mobile applications, which means there is an urgent need for robust data protection.

nShield hardware security modules were built with hardened, tamper-resistant platforms for encryption, digital signatures, key generation and protection.

A statement from Kakao bank says that nShield was an optimal choice because of its reputation for protecting data across devices, processes, platforms and environments.

"As the financial service industry continues to evolve from physical financial services, to mobile payments to digital-only banking, the requirements have only become more stringent for data security and privacy. This is one of many reasons why Thales is at the forefront of delivering advanced security services for new and innovative financial services organizations like Kakao Bank,” comments Kee Tae Kim, director for Thales eSecurity in Korea.

nShield hardware security modules also support certificate authorities, code signing and any application that uses digital keys across cloud, virtual and on-premise environments.

Foreigners are unable to use Kakao bank because they can’t receive verification codes on their devices.

Earlier this year Thales strengthened its data security across multi-cloud platforms through integration with providers such as Amazon Web Services, Google, Microsoft and Salesforce.

The company made enhancements to its Vormetric Data Security Manager, which offers centralised key and policy management.

““Ultimately, organizations operating in multi-cloud environments benefit most when they have a consistent, integrated solution that offers comprehensive data security and the ability to effectively manage encryption keys across diverse environments. Thales cloud security and key management allow companies to achieve both aims, which is vital as organizations are responsible for keeping their data secure, and can’t default to holding the cloud provider solely responsible if and when something goes awry,” comments Peter Galvin, VP of strategy for Thales eSecurity.

The newest version of Vormetric Data Security Manager also offers support for Vormetric Transparent Encryption Live Data Transformation which is able to mitigate the need for downtime when transforming or rekeying encrypted data.

Story image
Gartner recognises Pulse Secure for Zero Trust Network Access solution
In the market guide, Gartner states that ZTNA augments traditional VPN technologies for application access, and removes the excessive trust once required to allow employees and partners to connect and collaborate. More
Story image
Businesses move to cloud-based security solutions in a bid to support remote working
Cloud-based security tools are becoming increasingly popular following the rise in remote working during COVID-19, including a marked increase in businesses using such tools to protect of corporate financial information.More
Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More
Story image
LogMeIn report outlines identity management's role in creating business trust
More resources are funnelled into identity and access management (IAM) than any other IT security area.More
Download image
Crypto-of-things secures identity without compromise
Multi-party computation can split keys between a server and a device - making it extremely difficult for an attacker to gain access to both shares of the key.More
Story image
Check Point catches new form of Joker malware targeting Google Play Store
Check Point researchers have identified malware that is disguised as a legitimate looking Android application and is used to capture user’s information. Known as ‘Joker’, the billing fraud malware is specifically designed to evade Google Play Store protections.More