Latest opinions that Pavlo Farb has shared on Finextra

Join the Community

22,024

Expert opinions

44,216

Total members

425

New members (last 30 days)

171

New opinions (last 30 days)

28,678

Total comments

Join Sign in

Pavlo Farb

Security Engineer

Cossack Labs

Member since

11 Jun 2021

Location

London

View Pavlo Farb's full profile

Pavlo's opinions

Pragmatic POV on data protection regulations

In fintech, user’s data protection is among the top priorities requested by regulations, but surprisingly they are mapped onto real-world risks. As a data security engineer, I can say that while it might look like much work to comply with GDPR, CCPA, PCI DSS, FFIEC, etc., these regulations exist not to add problems but to prevent them and protect ...

18 October 2021 /security /regulation Fintech

4 data security tips when you lift and shift

Check if you take these security points into consideration before you migrate to the cloud. While you move your infrastructure into the cloud (“lift and shift”), your security assumptions also go through the change, since the on-prem threat model and security priorities are very different from cloud-based. And it’s always less stressful to get wel...

27 September 2021 /security /cloud Fintech

Store data encrypted and search encrypted data

How to keep your data encrypted and still be able to securely search over it, without constraining the app architecture? In data security, we say “you should try searchable encryption!” Let’s shine a new light on it here! Here’s an example. You store valuable encrypted data (like PII and fin data) in a database. Some app backend interacts with a da...

13 September 2021 /security Fintech

Cloud security and fintech: 4 things to consider

Check this list while planning a new business and putting your fintech app in the cloud. By noting these arguments you can avoid risky misconceptions of trusting too much responsibility to cloud providers and cloud environments. From our experience at Cossack Labs, we know that such an approach saves data, funds, and reputation. First, start with r...

23 August 2021 /security /cloud Digital Banking Trends

Why and where fintech uses crypto signed audit logs?

Lots of recently introduced regulations require audit logging as one of the measures for data protection in fintech. We know from practice that cryptographically signed audit logging can be a secure and pragmatic way to cover this point. Let's cut through complexity. Audit logs, or audit trails, capture evidence about any activity in your software...

02 August 2021 /security /devops Fintech

5 reasons to use application-level encryption to prevent data leaks in fintech

Facing a blend of old and new regulations, fintech companies, neobanks, and banks-as-a-service use application-level encryption (ALE) to encrypt transaction data, PII, and data sensitive with payments and accounts context. What Pro’s and Con’s application-level encryption has compared to the traditional database data-at-rest encryption? First, nowa...

19 July 2021 /security /payments Digital Banking Trends