DANA invites thousands of global security experts to test its e-wallet

October 21, 2021

Dana Banner

● As one of Indonesia’s leading e-wallet, DANA provides an open platform infrastructure for payments, which allows all users, both merchants and consumers, to make non-cash and non-card transactions.

YesWeHack’s over 30,000 global security researchers will now be able to participate in the public program to identify potential vulnerabilities in the DANA e-wallet.

YesWeHack is partnering with DANA – one of Indonesia’s leading fintech organisations, to secure DANA’s e-wallet and discover vulnerabilities typically missed in traditional security audits. A young tech-savvy generation is accelerating seamless digital payment experiences in Indonesia. Apart from convenience, access to technology is helping some of the previously unbanked population get access to financial services that were not possible just a few years ago.

DANA provides an open platform infrastructure for payments, which allows all users, both merchants and consumers, to make non-cash and non-card transactions easily, safely and efficiently in one application. The number of DANA’s e-wallet users increased from 40 million before the pandemic to 80 million in mid-August this year.

A recent study by Visa on “Powering the Acceleration of Digital-First Experiences” highlighted that seventy-eight percent of Indonesians prefer e-wallets due to the speed of transactions and convenience. Indonesia’s central bank, Bank Indonesia, said in its report that the amount of digital transactions was US$9.2 billion during the first half of 2021. This was a 41 percent increase compared to the same period last year.

As digital innovations make the world a faster, better, and much more efficient place to work and live, businesses need to be transparent with their users. The focus is shifting towards security threats and how best to handle them. In a survey conducted in 2019 within the Asia Pacific region by CPA Australia, 58.7 percent of the surveyed small businesses in Indonesia thought it was likely that a cyber attack would occur in 2020.

Cybercriminals are more motivated than ever to steal personally identifiable information, and the fintech sector is one of the most targeted verticals. Cybersecurity has always been a priority for DANA. The company started with a private bug bounty program, inviting selected researchers to vet their e-wallet. DANA is now taking additional steps in providing transparency and security to its customers by moving to a public bug bounty program, inviting over 30,000 global security researchers through the YesWeHack platform.

“Millions of Indonesians trust us with their personal and financial information, and we take this responsibility very seriously. We have invited thousands of security researchers from across the world to find vulnerabilities in the DANA e-wallet. The public bug bounty program from YesWeHack is run continuously so that every new update is checked. This protects our user’s data and prevents security mishaps,” said Andri Purnomo, VP of Information Security at DANA.

“Businesses and consumers across Southeast Asia, and especially in Indonesia, have leapfrogged several generations by adopting e-wallets as their preferred payment channel. However, this rapid digitisation should not come at the cost of any compromises in security,” said Kevin Gallerin, Managing Director, APAC at YesWeHack. “DANA’s public bug bounty program will go a long way in establishing trust and securing their wallet for millions of Indonesians,” he added.

YesWeHack logo

About YesWeHack

Founded in 2015, YesWeHack is the #1 European Bug Bounty & VDP Platform. YesWeHack offers companies an innovative approach to cybersecurity with bug bounty (pay-per-vulnerability discovered), connecting tens of thousands cybersecurity experts (ethical hackers) across 170 countries with organizations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices. YesWeHack runs private and public programs for hundreds of organizations worldwide in compliance with the strictest European regulations.

In addition to the Bug Bounty platform, YesWeHack also offers support in creating a Vulnerability Disclosure Policy (VDP), a learning platform for ethical hackers called Dojo and a training platform for educational institutions, YesWeHackEDU. For more information: www.yeswehack.com

Media Contact: press@yeswehack.com

Want to discuss crowdsourced security with our experts?