Q - Tell us about Point?
Kenan - Point is a consumer FinTech company focused on building financial products that are aligned with our clientele, which we do by giving our users an amazing mobile banking experience and access to features that benefit them specifically - all while not charging any fees. Some of the features we currently offer include an interest-bearing checking account, a debit card with rewards on select merchants and exclusive perks from some of our early partnerships.
Q - How did Point approach the challenge of data security?
Like any financial product, security and compliance are paramount in gaining our users’ trust.
We do this by maintaining best practices when it comes to protecting our users’ data, such as sending all our data over HTTPS, hashing passwords with an algorithm that’s resistant to several popular cracking mechanisms - and by aliasing our sensitive data with VGS.
Q - What does Zero Data mean to you?
Kenan - It means that, by leveraging VGS as our data security partner, we don’t have to store any sensitive data on our side. If our database ever does become compromised, whether through a rouge employee or an external hacking attack, most of the data wouldn’t be actionable.
Q - How do you see the relationship evolving over time?
Kenan - Over time, as we build out more new features for our users, we’ll presumably have more data that we’ll need to secure with VGS. Also, when the time comes, we will use VGS to expedite our PCI compliance process.
Q - How do you quantify the benefit of VGS?
Kenan - VGS has provided us with an out-of-the-box product that enables us to avoid dedicating engineering resources to building our own custom data aliasing solution, which we would have to store in a separate database and protect ourselves.
Now, we don’t have to focus on solving the problem of data security, so we can focus on our core competencies.
Q - Any advice for other startups who are beginning security and compliance journey?
Kenan - Every company should adhere to best security practices. But if you’re building a company that relies more on sensitive data, like developing financial products, you need to be aware of certain attack vectors and mechanisms in which you can minimize those vectors. Something like tokenizing or aliasing sensitive data is a great step in the right direction, as well as leveraging 2FA on any sensitive data and siloing databases.
You want to make sure that you’re doing data security correctly from the outset, because it’s a lot more difficult to fix down the road when you don’t.
Q - Who is your favorite superhero and why?
Kenan - I would say Iron Man, because he’s an engineer and an inventor. He was able to take a potentially detrimental situation and turn it into a positive force for good. I also like the fact that he’s a superhero that was born human - not with any special powers. Both Iron Man and Batman are relatable in that way.
Q - How can people sign up with Point?
Kenan - Right now, we’re still in beta. But you can sign up for early access at www.point.app.