Making it Easy: Saifu Removes Complexity to Provide Safety and Convenience for Cryptocurrency Users
Cryptocurrencies are coming! Be it Bitcoin, Ethereum or BitConnect, the dramatic increase in digital currencies is just the beginning of a new way of conducting business that will ultimately touch every aspect of our lives.
However, the learning curve required to manage and trade the currencies can be steep, even for technically competent individuals.
Licensed as a payment institution in the Czech Republic, Saifu was created specifically to make cryptocurrencies as accessible and easily managed as traditional currencies. When opening an account, Saifu’s customers can select from conventional currencies or cryptocurrencies, and they can also associate prepaid cards with their deposited funds.
While it’s possible for informed individuals to take responsibility for holding and administering their own cryptocurrencies, there are several significant hurdles that must be overcome. Evgeny Vigovsky, Saifu’s COO and CTO, described, “One approach is for the person to create their own personal wallet, but they then have the burden of securing and protecting the wallet and associated cryptographic keys themselves.”
He continued, “Another alternative is for an individual to sign up for an online wallet service where a private key gives access to all their funds. But if they lose the key, they lose all their money. As most people don’t really understand how cryptography and keys work, they don’t want to take this kind of responsibility. Without a better solution, the uptake of cryptocurrencies would stall out.”
Vigovsky reflected, “From the very outset, ease-of-use was one of our core design tenets. We wanted to eradicate the assumption that a user must have specialized security, technical or banking skills to be involved with cryptocurrency. Our goal from the very beginning has been that anyone capable of using online consumer banking services or mobile banking apps should be very comfortable using Saifu. We offer accounts to consumers and to companies; there’s a big demand for companies who want to be able to buy, sell and exchange cryptocurrencies with regular currencies.”
In order to shield end users from the inherent complexity of securing cryptocurrency transactions, certain crucial functions – like ensuring end-to-end integrity, confidentiality and accuracy – are performed elsewhere in the process chain.
Although not a bank in the conventional sense, Saifu is subjected to the same industry and governmental requirements that apply to its more traditional peers, including all relevant data privacy and personal identifiable information (PII) mandates or regulations. Vigovsky stated, “We are licensed and regulated like any other bank, but handling both fiat and cryptocurrencies dramatically increases the challenges of attaining compliance--any viable security solution had to streamline these processes.”
Saifu’s aggressive growth objectives and pan-European expansion plans also elevated scalability, design flexibility and remote configuration and ongoing management to being key selection criteria.
To identify a solution capable of fulfilling its architectural requirements Vigovsky consulted with the vendor that installed Saifu’s core banking software and it unequivocally recommended Thales. He recounted, “The partner was so confident in Thales that it didn’t even provide any alternative suggestions!”
After performing due diligence, Vigovsky installed the Thales nShield Connect hardware security module (HSM), a solution designed to deliver cryptographic services in an enterprise environment. The nShield Connect provides a robust, tamperresistant platform that performs encryption and digital signing along with key generation and protection. It also can support an extensive range of applications or services such as certificate authorities, code signing and more.
The asymmetric and symmetric performance of the nShield series, including one of the industry’s highest elliptic curve cryptography (ECC) transaction rates, supported Vigovsky’s goals for throughput and an enhanced end-user experience.
“Given its sophistication, I was surprised how easy the nShield HSM is to set up. I was also really impressed by the beauty of the architecture and the way the solution is designed to work. We have absolutely no problems using it across our diverse mix of platforms,” Vigovsky remarked.
Thales nShield Connect provides many features that are critical in meeting Saifu’s business and technical requirements, including supporting multiple account types and remote access to the appliance. “We have found Thales nShield HSMs to be far more secure and user friendly than competing solutions. It perfectly meets our needs,” Vigovsky explained. “Thales gives us the ability to bring big bank security to the cryptocurrency world by creating and storing all our customers’ keys in the HSM.”
He continued, “Even if the infrastructure is hacked and criminals gain access to our servers, they still can’t do anything malicious. We’ve architected the system so that even if bad things do happen we can guarantee that our customers are well protected by the Thales security technology. Already being FIPS compliant definitely speeds up regulatory audits and other tests we’re required to meet. The combination of remote administration, trusted verification devices and smart cards is just fantastic.”
Delivering the Dream
Thales nShield Connect enables Saifu to deliver on the promise of its business model. “The Thales HSM empowers us to take ownership of the security and cryptography of accounts, virtually eliminating any worry or risk for our members,” Vigovsky concluded. “Thales has given us a beautiful solution around which we’ve developed our own software, equipping us with the ability to offer our customers a truly compelling value proposition.”
About Thales nShield Connect
Thales nShield Connect HSMs integrate with Thales Security World architecture. This proven technology enables the combination of different nShield HSM models and builds a unified ecosystem that provides scalability, load balancing and seamless failover.
The nShield Connect+ series performance makes it ideal for enterprise, retail, internet of things and other environments where throughput is critical.