Client Details

MONETA Money Bank

MONETA Money Bank is a Czech Republic-based retail and expanding small and medium enterprises (SME) bank. The company holds a universal banking license and provides a range of retail and SME-focused financial products and services. MONETA operates through a national distribution network of 229 branches and through alternative distribution channels, including the internet, its call center, auto dealers, brokers and leasing partners.
 
MONETA together with its controlled subsidiaries offers current accounts, savings accounts, term deposits and transactional banking products including payment services and debit cards, consumer loans, credit cards, overdrafts, mortgages and auto loans, auto leases and other complementary products such as bank assurance and sales of investment funds.

 


Complying with PSD2 and its RTS

On November 27, 2017, the EU Commission released the long-awaited regulatory technical standards (RTS) for PSD2. The RTS defines the whole range of requirements for digital banking security. Quoting Chapter II Article 9, it may also be argued that
 
RTS implies that the guardian for application protection and secure mobile payment is a necessary component of any mobile banking app:

  1. Payment service providers shall adopt security measures, where any of the elements of strong customer authentication or the authentication code itself is used through a multi-purpose device, such as mobile phone or tablet, to mitigate the risk which would result from that multi-purpose device being compromised.
  1. For the purposes of paragraph 2, the mitigating measures shall include each of the following:
     a- the use of separated secure execution environments through the software installed inside the multi-purpose device; 
     b- mechanisms to ensure that the software or device has not been altered by the payer or by a third party;
     c- where alterations have taken place, mechanisms to mitigate the consequences thereof.
 
This excerpt implies that banks are responsible for implementing security measures to make sure that mobile devices aren’t altered, apps not modified at rest or in runtime, and that the apps can’t be tampered with by payer or any other third party.
 

 

The Guardian provides the solution

(Ultimate Security for Applications and Mobile Payments)
The Guardian is a natural and the most straightforward way to cover the regulatory technical standards for PSD2. Like many other security-focused and innovative banks, MONETA Money Bank is now protecting their mobile apps against the ever-changing threat landscape while maintaining a frictionless user experience with The Guardian.
 
The Smart Banka app by MONETA Money Bank is the first banking app in the Czech Republic that actively fights against the whole range of sophisticated attacks, such as: 


  • Malware attacks 
  • Vulnerabilities related to rooting or jailbreaking
  • Debugger connection 
  • Code or framework injection 
  • Application repackaging and app integrity breaches 
  • Malicious screen readers or untrusted keyboards
  • Overlay attacks 
  • Man-in-the-app and man-in-the-middle scenarios
                                       
You can easily turn your app into a self-protecting app. Your Android or iOS apps can be quickly uploaded and secured in minutes by using our integration tool, or an SDK that is easily integrated into the app.
 Once secured, the app is immediately ready for distribution via public app stores.



The Guardian is essential for improving your business

 Attacks can have devastating consequences. User data can be stolen, putting businesses at risk of regulatory compliance violations and bad publicity. Financial fraud can be committed, resulting in lost revenue. And, of course, there’s the loss of customer and shareholder trust, all having impact on brand reputation. If the attack goes on long enough, a business could sustain irreparable damage.
 
MONETA Money Bank takes continuous steps to stay compliant and—mainly—ahead of their cyber adversaries.
 
 

Why the Guardian?

Unchanged User Experience

The Guardian protects multiple business apps while maintaining an optimal user experience. You won’t even notice it’s there!
Quick to deploy

The Guardian provides an automated implementation process. This allows organizations to quickly release protected apps, without affecting the development timeline!

 Stay Compliant

The Guardian upholds the strictest international compliance requirements (PSD2 / GDPR), and works on multiple platforms.

 Enable secure Mobile Strategy

The Guardian proactively protects your apps against targeted attacks, allowing apps to run securely, even on highly infected devices.

 Highly Secured software keys

The Guardian protects sensitive data in the app and prevent cloning scenarios for keys or unique identifiers.

 Prevent IP Theft

The Guardian ensure that proprietary business logic can’t be reverse engineered, inspected, and/or stolen.