Access security & dynamic linking for we.trade’s blockchain platform with TrustBuilder.io MFA
we.trade’s innovative digital trade finance platform allows businesses and banks across Europe to collaborate in a transparent and secure environment. Recently, the fintech engaged with inWebo to secure authentication and seal transactions on various web portals. Here is how inWebo’s MFA solution met we.trade’s very specific needs in a highly regulated industry.
we.trade, the world’s first blockchain platform for international trade
we.trade is the world’s first enterprise-grade blockchain-enabled trade finance platform. The Fintech was created by a consortium of 7 of the largest European banks (Deutsche Bank, HSBC, KBC, Natixis, Rabobank, Societe Generale and UniCredit) in February 2018 with IBM as their technology partner.
Commercially launched in January 2019, “we.trade’s hyperledger fabric blockchain based trade finance platform is currently licensed by 16 banks across 15 countries”. It delivers reliability, simplicity and security to global trade transactions across trade finance, insurance and logistics. The start-up also helps connect sellers, buyers, banks, insurance companies, and logistics organizations in a cohesive network that intends to simplify and facilitate cross-border trading.
we.trade’s technology serves both the bank members and their customers – i.e. SMBs or corporate customers involved in the international trade of goods and services – with 2 separate web portals for each of the bank members, one for them and one for their customers. Operating through a common rule book, the fintech is looking to expand beyond trade finance to cover the end to end trade journey and incorporate additional services and partners via a marketplace.
Innovative IT solutions
Julie Cairn joined we.trade’s adventure 2 years ago. Half product owner, half product manager, Julie works as an intermediary between technical teams and customers, clarifying and maximising business value through technology and innovation. Within we.trade’s team, Julie brings her experience to develop IT solutions that are not only useful, but also forward-looking for meeting the needs of the future.
Julie CairnProduct Owner / Product Manager, we.trade
The challenges in a nutshell...
MFA and dynamic linking: a PSD2 compliant solution
we.trade operates in a highly regulated banking industry. Its platform delivers values to the banks and their customers in an efficient, stable and most of all, secure way. In response to new regulations pertaining to financial services, we.trade was looking to deliver a solution that was PSD2 compliant.
“When the platform was launched, we.trade was using a different cloud identity provider, but this solution had not planned to become PSD2 compliant,” explained Julie. Therefore, they undertook the research and analysis to identify an MFA solution that would meet their regulatory and budgetary needs, as well as provide a more integrated user experience for users.
we.trade is the leading, if not the most sophisticated platform for European traders of goods and services to find one another and agree upon and execute international and domestic trades, often including bank supplied financial products – all on their digital secure trade finance platform. One of the company’s main requirements in regard to their MFA project was to have a solution that covered both authentication and transaction sealing through dynamic linking.
Seeking a flexible and easy to use MFA solution
Besides their regulatory needs, we.trade wanted to simplify the user experience. “There were a number of areas within the user experience that we wanted to improve.” underlines Julie. So we.trade took the opportunity with this project to see what could be enhanced and integrated in the user journey.
Upon undertaking the project, we.trade was wary of the time it would require. Julie mentioned that “the platform needed to be simplified and that there was some re-architecturing to do”. All the more reason to save as much time as possible with a flexible MFA solution that would be easy to integrate and deploy.
As Julie emphasized “PSD2 compliance was the main driver that led we.trade to engage with inWebo.”
It soon became clear that inWebo’s MFA solution met the fintech’s security and regulatory requirements, while offering a unified user experience and different levels of integration. This last aspect allowed them to work in phases, thereby avoiding delays in the implementation. As Julie expressed it, “There were many technical reasons behind the decision to go with inWebo’s technology, including the flexibility and the licensing model”.
Alongside this, Julie also pointed out the close relationship between their team and inWebo’s. Early in the development process, there were a few face-to-face workshops and design sessions held to assist we.trade on integrating inWebo’s solution with their platform and providing a unified UX into the platform itself. Still today, inWebo continues to help we.trade in building their internal knowledge of the solution, in order for them to respond to their bank members’ questions.
As Julie explained to us, “When a bank decides to onboard with we.trade, they have to select whether they want to use their own local identity provider – requiring more effort for them to go through the integration – or whether they want to use the default identity provider that we.trade offers, i.e. inWebo’s MFA”.
Julie added that “7 of we.trade’s bank members are currently using inWebo’s MFA both for their portal and their customers portal“. In addition, each of them are using their own service on inWebo. This means that the MFA service provided to each bank’s employees is segregated from the one provided to their customers, and they are both segregated from any other banks.
The implementation of inWebo’s solution within we.trade’s platform was a success. The start-up had a team of 5 developers and 2 Q&A working on the project, dividing the integration into several steps in a period of 4 to 5 months. “To begin with, and due to time constraints, we focused on implementing a compliant solution before going deeply into the integration process dealing with features that we wanted to deliver” explained Julie, “one of them being the customization feature of the login page, branded we.trade“.
Together with the support of inWebo, we.trade was able to provide trainings, videos and other materials to the banks and for them to use directly with their customers. Indeed, when each bank onboard to we.trade, their respective security team usually have many questions regarding the solution. “We compiled an FAQ that we continue to expand upon about inWebo’s technology, how it works, how it is secure, and how the deviceless MFA is secure, etc. – all with the help and support of inWebo’s team.”.