Member since

Pavlo's blog archive

2021 (4)
Pavlo Farb

Pavlo Farb

Security Engineer at Cossack Labs
Message Message me Posts: 4 Comments: 0



Store data encrypted and search encrypted data

13 Sep 2021

How to keep your data encrypted and still be able to securely search over it, without constraining the app architecture? In data security, we say “you should try searchable encryption!” Let’s shine a new light on it here! Here’s an example. You store valuable encrypted data (like PII and fin data) in a database. Some app backend interacts with a da...

Digital Banking Trends

Cloud security and fintech: 4 things to consider

23 Aug 2021

Check this list while planning a new business and putting your fintech app in the cloud. By noting these arguments you can avoid risky misconceptions of trusting too much responsibility to cloud providers and cloud environments. From our experience at Cossack Labs, we know that such an approach saves data, funds, and reputation. First, start with r...


Why and where fintech uses crypto signed audit logs?

02 Aug 2021

Lots of recently introduced regulations require audit logging as one of the measures for data protection in fintech. We know from practice that cryptographically signed audit logging can be a secure and pragmatic way to cover this point. Let's cut through complexity. Audit logs, or audit trails, capture evidence about any activity in your software...

Digital Banking Trends

5 reasons to use application-level encryption to prevent data leaks in fintech

19 Jul 2021

Facing a blend of old and new regulations, fintech companies, neobanks, and banks-as-a-service use application-level encryption (ALE) to encrypt transaction data, PII, and data sensitive with payments and accounts context. What Pro’s and Con’s application-level encryption has compared to the traditional database data-at-rest encryption? First, nowa...