{"id":3829,"date":"2019-08-07T06:54:45","date_gmt":"2019-08-07T06:54:45","guid":{"rendered":"http:\/\/prototypes.transputec.net\/cynance-dev\/?p=3829"},"modified":"2022-07-15T13:52:11","modified_gmt":"2022-07-15T13:52:11","slug":"monzo-tells-customers-to-change-pin","status":"publish","type":"post","link":"https:\/\/outofsite.biz\/cynance\/monzo-tells-customers-to-change-pin\/","title":{"rendered":"Monzo tells its customers to change their pin."},"content":{"rendered":"<p>[vc_row][vc_column][vc_column_text css=&#8221;.vc_custom_1582711683551{padding-bottom: 50px !important;}&#8221;]Monzo called hundreds of thousands of customers to pick a new PIN code, after realising it was storing users\u2019 PIN codes as plain-text in log files. While the UK Fintech sector is flourishing with new technologies, Fintech companies\u2019 success is extremely dependant on their ability to provide security to their customers. A few ground rules should be followed by any Fintech venture to ensure they don\u2019t have issues similar to that of Monzo, or worse: Sensitive data sanitation \u2013 Conduct a static code analysis to detect sensitive data being stored in the code as plain text. Assess your logs structure to ensure that proper information is being logged, while sensitive information is unrecognisable. Implementation of technical countermeasures \u2013 incorporate security controls into the information system design lifecycle so that they become an integral part of the system\u2019s operational capabilities. Invest in \u201csecurity by design\u201d concepts, implementing secure engineering processes. Introduce system-level security principles to be considered in the design, development and operation of an information system, in all layers of the product and make sure your teams implement these principles and are provided with appropriate security by design training programme.[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Monzo called hundreds of thousands of customers to pick a new PIN code, after realizing it was storing users\u2019 PIN codes as plain-text in log files.<\/p>\n","protected":false},"author":8,"featured_media":8085,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"_links":{"self":[{"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/posts\/3829"}],"collection":[{"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/comments?post=3829"}],"version-history":[{"count":1,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/posts\/3829\/revisions"}],"predecessor-version":[{"id":8086,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/posts\/3829\/revisions\/8086"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/media\/8085"}],"wp:attachment":[{"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/media?parent=3829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/categories?post=3829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/outofsite.biz\/cynance\/wp-json\/wp\/v2\/tags?post=3829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}