Digital concierge service and the management of sensitive data
Background
An insurance company was faced with the task of developing an application capable of securely blocking its customers’ most sensitive data, such as credit card and SIM card information, in the event of loss.
The biggest challenge was to create a system that complies with the strict PCI DSS standards for data storage and management security.
Solution approach
Deep Impact recommended a cloud-based solution using Amazon Web Services (AWS), specifically the AWS Key Management Service (KMS).
This solution enables the secure handling of cryptographic keys and the encryption and decryption of sensitive data, fully compliant with PCI DSS standards.
Technical highlights
Cloud-based Architecture:
For the realization of the project, Deep Impact proposed an innovative cloud solution based on the services of Amazon Web Services (AWS).
The use of AWS allowed for the establishment of a highly available and scalable infrastructure that meets the dynamic requirements of the insurance company.
By choosing a cloud-based architecture, Deep Impact was able to eliminate the need for costly upfront investments in physical server infrastructures while ensuring flexible adaptation to increasing or varying load requirements.
Security through AWS Key Management Service (KMS):
A central component of the solution is the use of AWS Key Management Service (KMS), a managed service that enables the creation and control of cryptographic keys used to protect data.
AWS KMS is specifically designed to meet the requirements of PCI-DSS standards by providing robust security for encrypting and decrypting sensitive information such as credit card data.
Full PCI-DSS Compliance:
By integrating AWS KMS into the solution, it was ensured that all sensitive data is encrypted and managed according to the stringent requirements of the PCI-DSS standard. AWS KMS supports both symmetric and asymmetric keys and offers various mechanisms for key rotation and management, ensuring secure storage and processing of data.
PCI-DSS compliance was not only achieved but further strengthened by the advanced security features of AWS KMS.
User-Friendliness and Modern User Interface:
In addition to security, another focus was on the user-friendliness of the application. Deep Impact developed a modern, intuitive user interface that facilitates users’ daily interactions with the application.
The combination of technological excellence and high usability makes the solution a valuable tool in the users’ everyday tasks.
Results
- PCI-DSS Compliance: The application meets all security standards and requirements.
- High Customer Satisfaction: The company is delighted with the modern UI and technical excellence of the solution.
- Increased Efficiency: The new application optimizes internal processes and significantly raises the level of security.
Conclusion
The project for an insurance company illustrates Deep Impact AG’s expertise in developing a sophisticated and security-critical application within a tight deadline of three months.
The challenge of processing sensitive customer data in accordance with the highest security standards was successfully overcome by using AWS KMS.
The excellent collaboration demonstrates how the use of advanced technologies can be used to implement digital solutions that meet customer requirements while guaranteeing compliance with strict security standards.
Share on