Secure service: Penetration test of iTiny Internet Banking is successfully realized.
18 / 08 / 2016
Security of software products of “Lime Systems”, especially when using internet technologies is an integral part of providing quality services to own customers. Providing secure protection of our web-applications from various hacker attacks, we ensure secure environment for the work of Internet Banking system, as well as ensure a protected channel of exchanging financial information.
Because of this “Lime Systems” organized a security testing of its Internet Banking iTiny. Testing was realized by “QATestLab” company according to the methodology OWASP Top-10, 2013. The given methodology embraces 95% of critical vulnerabilities and covers them by checks.
To realize the testing such instruments as Acunetix Web Vulnerability Scanner, Vega, OWASP Zed Attack Proxy, Modify Headers for Firefox, Back Track 5 (Linux), Metasploit Framework, Armitage, Skipfish, Havij, Nikto2, Wikto, W3AF, SQLmap, Fiddler, SSLStrip, Nessus, RatProxy were used.
iTiny internet banking showed good level of protection from hacker invasion to the server part. Vulnerabilities which would allow breaking the system were not discovered. This shows high level of protection of iTiny internet banking from external influences and high level of security of software solutions from “Lime Systems” in general.
- SCROOGE Core Banking System
- Cash&Billing Cashier’s Module
- WebBank Front Office Module
- iTiny Web Banking Module
- iTiny.Mobile Mobile Banking Module
SCROOGE Core Banking System
Core Banking System consisting of a number of interrelated modules, which ensures the integrated management of bank resources and its overall effective functioning.
Cash&Billing Cashier’s Module
This software module unites two systems: "Cash&Billing" and "MoneyTransfer", and represents the universal workstation of the bank cashier.
WebBank Front Office Module
WebBank Front Office Module gives the bank possibility to organize the cooperation between employees, serving clients of the bank via the single application with convenient, easy web-interface and extended possibilities and control on each step of the work – client consultation, product sale, client background check, evaluation of the financial capabilities of clients, additional product orders, realization of the transactions and creation of the additional agreements, monitoring pledged security and work with non-performing liabilities.
The system of cryptographic information protection LS-Crypt is the library of cryptographical transformations, based on mathematical method of elliptic curves. It is used for encryption and decryption of the information, calculation of the message authentication code, hash function calculation, creation and verification of the electronic digital signature.
iTiny Web Banking Module
The software module of remote service for bank customers (legal entities and individuals), which provides access to financial information of the client and the possibility of executing a certain set of operations and functions.
iTiny.Mobile Mobile Banking Module
Mobile version of popular web banking module iTiny. It is freely distributed via the App Store, Google Play Market, Windows Phone Store. It allows managing funds on your accounts 24 hours/day with the help of mobile phone.