An Extra Layer of Security for Peace of Mind

Case Study

Client

Gem gives companies an easy way to connect crypto to their app. With just a few lines of code, it’s simple to activate Gem’s embeddable UI flows and API so end users can seamlessly connect external crypto data, assets and fiat, without ever leaving the app.

Micah Winkelspecht,
CEO and Founder

Region

Global

Industries

Cryptocurrency

Goal

Add an extra layer of security.

The Challenge

Secure sensitive financial and PII data in an industry hyper-targeted by hackers. When crypto is stolen, there’s no way to get it back.

Solutions Summary

Using VGS’ data security solution as a proxy layer on top of their in-house built security system, Gem added an extra layer of separation between them and customer data.

Results

Adding a second layer of security gave Gem peace of mind that they were doing everything they could to protect their customers’ data and a “stamp of security” so customers could feel safe too.

Background

Easy and Secure Crypto Onboarding

Gem gives app companies an interface to crypto. With their embeddable UI flows and API, users can easily onboard to the app, seamlessly connect to and transact with more than 2000 cryptocurrencies across 20+ exchanges, and see a comprehensive stream of transaction data, without ever leaving the app.

When it comes to onboarding new users into crypto apps, the process can be full of friction and fragmentation (not to mention risk), with different payment methods and multiple exchange accounts all across different jurisdictions. Building and maintaining the many required connections is complex and expensive.

Gem recently launched a new product, Gem Onramp, which takes those pains away. By plugging in a few lines of JavaScript code, Gem’s customers’ apps can display a simple, elegant UI flow offering global fiat payment methods and exchange transfer options, so users can buy and transfer crypto with any payment method or exchange, on any device.

In this highly targeted industry, Gem’s CEO and Founder, Micah Winkelspecht, was never quite comfortable despite all the work his capable team put into their security efforts.

Challenge

Securing a Super-Target

“We work in an industry that is a super-target. It's risk upon risk, upon risk. I want to make sure we're doing everything we possibly can to secure our customers’ data.”

- Micah Winkelspecht,
CEO and Founder

Cryptocurrency is an appealing target for bad actors. While many digital thefts leave the attacker with an asset that must still be liquidated, crypto is already ready-to-use cash. In addition, cryptocurrency is founded on the principles of personal privacy and anonymity, which work in the thief’s favor. Essentially, once crypto is stolen, you can’t get it back.

“We’re handling extremely sensitive financial transaction data, for a large number of customers. The outcome could be that criminals get away with Bitcoin and there’s nothing you can do to get it back if it’s stolen,” said Micah.

The Gem team had a solution they’d built in-house using HashiCorp Vault, which was based on an open-source solution. As confident as Micah was in his team’s capabilities and the solution they built, he said, “We work in an industry that is a super-target. It's risk upon risk, upon risk. And I just want to make sure we're doing everything we possibly can to secure our customers’ data.”


Solution

Layer upon Layer of Security

“I partnered with VGS because—even though I trusted the solution we built in-house—as CEO, I need to be extra sure our customers' apps and their user data is secure. Adding VGS as a proxy, on top of our solution, provided that extra layer of protection I needed to actually sleep at night.”

- Micah Winkelspecht,
CEO and Founder

Micah and team decided to add VGS as a proxy layer, on top of their internally built system, for a second layer of security. Now, when data is entered into the Gem widget, it flows through VGS first, where it is redacted and replaced with an alias (an advanced form of token). Those tokens are stored in HashiCorp Vault, which then generates a new token that is stored in the Gem database and controls access to the Vault based on services.

Only certain services have access to the Vault, and only to get the identifier they need to communicate with VGS. The systems that are allowed to talk to VGS are also very specific. By layering their systems, Gem created a defense-in-depth security infrastructure that keeps their customers safe.

Results

Peace of Mind for Gem and their Customers

“I can sleep at night. Having yet another layer of protection, where that’s all [VGS is] focused on, made me feel much more comfortable with our security posture. It gives us a stamp of security so customers feel more secure too.”

- Micah Winkelspecht,
CEO and Founder

Before adding VGS, Micah was feeling “very uncomfortable.” As much as he trusted the Gem engineers and process, he knew that the skill level of the hackers in their industry is nothing to be trifled with. It’s also imperative for Gem to show the deep thought and work they’ve put into security to their customers: other applications, developers and services that are also very concerned about security.

Now, he says, “I can sleep at night. Having yet another layer of protection, where that's all [VGS is] focused on, made me feel much more comfortable with our security posture. It gives us a stamp of security so customers feel more secure too.”
