Helping to ensure the security of up and coming fintech disruptors
In 2015, Oliver Calma established BCRemit with the desire of connecting individuals from opposite sides of the world through money transfer between the UK and the Philippines and more recently into EU countries such as Spain, France, Germany, Italy and Ireland. Based in Brentford, London; since 2015 they have grown to become well established players in the online money transfer and fintech industry. Since then, BCRemit has been recognised amongst the 101 Fintech Disruptors in the UK (2020) and nominated for the London Business Awards Social Impact Award (2019).
Overseas property purchase, mortgage payments and transfer to family and friends are all amongst the top five most popular reasons for international money transfer. Oliver is originally from the Philippines yet has worked in various locations around the globe including South East Asia, The Middle East, the UK and Europe. Thus, Oliver is very much aware of the need shared by him and other around 250,000 Filipinos living in the UK. BCRemit acts as a vessel through which funds can be securely transferred abroad. Traditional methods of international money transfer entailed lengthy processes including various physical documents and expensive transfer fees. Through BCRemit’s mobile app, web and call center money can be transferred and received either in cash at one of over 10,000 cash pick-up points or through bank transfer form to any Filipino bank account.
The Challenge: Understanding the critical need for open source security compliance
Today, as much as 90%, or even more, of internally developed code uses open source software. As times are changing and with it the need for more secure code development, BCRemit were in need of a ‘DevOps revamp’. Oliver Calma explains the challenges BCRemit were facing prior to joining forces with Meterian:
“At BCRemit, we champion values of trust and reliability, thus the security of our customers’ data is of utmost importance to us. With the risks associated with open source, we wanted a reliable solution to highlight vulnerabilities in our software supply chain and ensure the security of the PII and financial details of our customers. This is important for BCRemit to confidently continue facilitating the movement of migrant earnings between the two countries, and uphold our values of trust and reliability.”
As with any fintech organisation, protecting customer data is paramount for protecting our customers’ trust. To support their growth plans of evolving market demands, BCRemit needed a solution that could grow with their business- both in terms of technical flexibility and scalability, as well as financially.
As a relatively new disruptor in the industry, to incur a hefty licensing sanction or to have to remediate a data breach, at any stage in their growth plans, could jeopardize the future of the company. Currently, the cost of remediating a data breach within the Financial Services industry is currently an average of £4.54 million. The introduction of DevSecOps best practice to regularly manage and remediate vulnerabilities as part of the normal software development life cycle could reduce the cost of a breach by approximately £140,000, 22% reduction. For small businesses in the UK, even the UK average of £51,000 could set a business back significantly, even wipe them out. Using a security platform such as Meterian’s on a regular basis, every time developers build their code, can avoid breaches due to known vulnerabilities. These are attack vectors that cyber criminals can exploit without having proprietary access to a company’s systems.
Moreover, lost business accounts for nearly 40% of the average total cost of a data breach. Calma continues: “Given the potential monetary sanctions associated with data breaches as well as the impact that such breaches can have on brand reputation, we chose to move forward with Meterian to help us avoid such costly setbacks.”
The Solution: Young innovative fintech gets started with DevSecOps
In integrating Meterian’s vulnerability web scanner into their DevOps process, BCRemit gained the ability to quickly detect and identify which of their components were out of date, posing a risk to their overall operations.
The Outcome: Adopting DevSecOps approach for continuous security
With Meterian’s help, they became more familiar with the role of open source libraries in their applications and the need for their continuous maintenance- updating and patching them to mitigate and manage risks. Furthermore, in trusting Meterian with the automation of the identification of risky components, BCRemit has avoided what would have been a lengthy transformation process, had this been undertaken on their own. Thus, they have been able to continue the pace at which they deliver their product to their customers. As a result, BCRemit continues to succeed in connecting thousands of customers between the UK and Philippines, reducing the distance of sending money over 6,000 miles to connection and fulfilment in a matter of minutes.
〉Location: London, UK
“As a new entry in the FinTech industry, we were aware of the need for securing our applications. When we learned our open source dependencies needed regular maintenance to stay secure, we were pleased to find an easy-to-use solution that fit our technical and financial needs.”