But is it secure? That’s one of the main questions users ask themselves when they make an online purchase. Users expect to pay for a product just as easily and securely as they send a message.
In order to provide end-to-end solutions for electronic or conversational commerce that truly make things seem simple, at Yalo we work with some of the most prestigious and well-known multinational financial services corporations in the world.
The companies in the financial sector are modernizing and producing high quality user-facing products. Long gone are the days when users accepted spending their time filling endless forms, going to bank branches for a simple process. Chat and messaging apps are making everything simple and easy for the users.
A foothold in chat: customer acquisition and onboarding.
The case of one of our recent financial services customers illustrates the benefits of conversational commerce for this industry; mainly in terms of customer acquisition and onboarding.
Using Yalo’s notification system, the company can now easily reach people right on their devices and in the messaging apps they know and use regularly. With this contact, our customer was able to personalize its services towards the end user.
People don’t want to have to be in front of a computer to contact their bank or credit card provider, they also don’t want to download yet another app that consumes space on their phones. They also want to do a large variety of processes that usually go beyond the capabilities of websites and mobile applications.
But in a messaging app these features can grow quickly and organically, and cover the complete breadth of business from sales to delivery to support. They can be very tailored to needs, without having a high operational cost.
And with the addition of payments, they can close the loop to become a single stop shop for customers looking to learn about, personalize, buy, receive and get support.
Beyond the basics: a secure payments ecosystem
Working with this financial service customer, our challenge was to go beyond the customer care segment, both in Mexico and the rest of the world. In order to grow to the next scale, we had to comply with their rigorous due diligence processes which is one of the strongest in the industry.
So how did we do it?
As a cloud business, we operate in a secure virtual environment, known as a Virtual Private Cloud. On top of that, we have a second layer of security given by the messaging platforms, like WhatsApp and Facebook Messenger, where we operate.
The latest generation of cloud applications for chat use end-to-end encryption. This means that message data is entirely private between the customer and their service provider. Message data is encrypted using the same Signal protocol used by Whatsapp, Signal, and Telegram. This makes the platform extremely secure by default when compared with traditional channels.
Most chat platforms work like is shown below. When users send messages, they are unencrypted into clear text at many points along the way. In this “hop-by-hop” communication, any malicious actor can see a full copy of the message before it reaches the secure endpoint for handling payments.
With end-to-end encryption, messages are encrypted along the entire journey from the source to the destination VPC. This means that, even if an attacker would get ahold of a message in flight, they would only see it in an encrypted form: as a string of seemingly random characters. This is shown below.
By leveraging end-to-end encryption and native security, we were able to comply with global security best practices and grow to more complex financial services use cases.
This achievement is a true win for all of our customers and their end users. We will continue establishing our security program with the goal of achieving SOC-2 type II and ISO 27001:2013 compliance.