Chatbots.Studio applies the fintech industry best practices to secure chatbots.
Is the personal data of clients stored in the messenger?
No. Sensitive personal and financial information is transmitted to the banking or CRM system directly through Webview, which communicates with the server over a secure SSL. Thus, confidential information is not available in messengers, and its exchange between the client and the bank’s infrastructure is protected in accordance with the best Internet banking practices.
How is client authentication going?
To open prepaid cards, only name, surname, and mobile number are used. And then a bunch of numbers with OTP is used.
For banking operations, the client is authorized in the banking system through Webview configured in accordance with PCI DSS, completely in the bank’s infrastructure.
How do you work with card numbers?
Through card tokens. During operations, a token is used, and the card data themselves are not transmitted, so a potential attacker cannot intercept them or save the messenger. There is no point in intercepting the token data because the token becomes invalid when you try to perform an operation with the token in another interface.
Fintech Chatbots case studies