Sasawallet

sasawallet logo
Get Started

A secure platform for digital transactions

SasaWallet adheres to PCI DSS, GDPR, and DSP2 regulations. Furthermore, utilizing cutting-edge security technologies such as Biometric Authentication, AI, and NFC provides an enhanced digital wallet solution.

Book a call
Download Whitepaper

Experience SasaWallet's impeccable security and complete compliance

SasaWallet places the utmost importance on providing advanced security, so our solution adheres to numerous security standards and regulations.

PCI DSS

We adhere to PCI-DSS compliance, effectively reducing the risk of storing sensitive information.

GDPR

SasaWallet fully complies with GDPR data protection regulations, enhancing the platform's trustworthiness and reliability.

DSP2

SasaWallet maintains compliance with multiple regulatory bodies, ensuring adherence to DSP2 requirements.

What does SasaWallet sophisticated security system provide?

SasaWallet features a unique and cutting-edge security system that safeguards data as soon as it enters our platform. Here are some offerings of SasaWallet advanced security system:

Protected bank account

Funds are stored in our escrow account, guaranteeing their availability while alleviating your regulatory burden.

Routine scans

Our specialists conduct regular assessments, and certified auditors perform penetration tests to confirm our adherence to banking standards and regulations.

Tokenized card information

Payment data is encrypted to enable secure storage of payment details for future use.

Verified API calls

Our advanced and secure military-grade encryption ensures all API calls are authenticated.

Application Security

The SasaWallet platform employs unique user IDs and secure authentication for all types of access, including administrative access and service authentication data access. In addition, all accounts created and managed by the application are subject to secure authentication.

Login and password management

The SasaWallet's platform provides unique IDs for all user accounts, enforcing login and management processes for various interfaces throughout the installation process and for each subsequent change made after installation.

Secure preference library

The Secure Preferences library utilizes the AES algorithm, which generates an encryption key randomly during the first instantiation of "Secure Preferences" in the application. This key encrypts key-value pairs, which are then encoded using the base64 algorithm.

Proguard for reverse engineering prevention

Proguard hinders the readability of your code during recompilation. This command-line tool shrinks, optimizes, and obfuscates code, including pre-verified ones. These steps make the codebase compact and efficient, thus making it challenging to reverse-engineer an application.

Limited privileges through group access management

The SasaWallet’s platform includes User Access Management, which limits access to necessary resources or functions and enforces minimal privileges for built-in accounts.

Audit Trail

The admin provides a complete audit trail of all system activities. The system monitors and records actions performed by each user and the admin. In addition, SasaWallet offers automated audit trails for reconstructing various events.

Log file maintenance

Preserving the database server's logout output is preferable to discarding it entirely. However, large volumes of this data can slow down the server. By rotating log files, new files are added, and old ones are replaced after a reasonable period, ensuring optimal server performance.

Data transmission security

SasaWallet features a robust AES encryption method that safeguards data exchange in every transaction occurring between the ‘Administration Application’ (Server) and ‘Service Distribution Application’ (Client). This AES encryption ensures the high security of Sensitive Authentication Data used in each transaction.

Application user key generation

In SasaPay, an AES key is generated for every application using the user's unique identification, MSISDN, and OTP. The shared AES key encrypts all subsequent data exchanges between the server application and the client.

Network security through VPN and HTTPS

SasaWallet employs HTTPS and VPN tunnels for secure communication with API Client-based applications. RSA tunnels are used to communicate with mobile devices, while HTTPS protocol is used for communication with web portals.

Key protection

SasaWallet safeguards Symmetric AES keys by storing them in an HSM. Encryption keys are changed after a given key produces a specific amount of cipher text. To maintain the integrity of weak keys, they are replaced through destruction and archiving.

Data security using the SHA algorithm

SasaWallet employs SHA algorithms to verify data integrity at the database level. This method compares message digests calculated before and after transmission. If the results do not match, the server rejects the data.

SHA-256 hashing

SHA-256 executes a hashing function that converts the text of any length into a 256-bit string. This algorithm can handle data strings of any size and produce a nearly impossible hash to predict, making it a dependable method for securing data.

Regular data backup

SasaWallet utilizes the REST API, which simplifies server communication. It also backs up all transactions conducted through the platform. This backup lets users view past transactions quickly and assists admins in generating reports.