VEB Technologies

In 2019, the Belarusian IT company Vebtech launched the FINSTORE project. The key idea is to provide businesses with access to financing, and investors the opportunity to safely receive passive income. Over the course of 4 years, the project helped attract $149 million, becoming the only successful case of its kind in Belarus and the EAEU.

Product Concept

Finstore is based on the concept of asset tokenization, allowing investors to directly invest in corporate bonds and other assets online, while enabling companies to quickly and inexpensively raise additional funding. This includes tokenizing corporate bonds and rights to real assets.

The distinguishing feature of the solution is the "one-stop shop" principle - individuals have the ability to buy, sell, and redeem corporate tokens on the platform without intermediaries. At the time of launch, a model was chosen where tokens represent the equivalent of a digital bond and provide companies with one of the ways to raise funds. Token sales are exempt from taxation according to Belarusian legislation.

Vebtech-developed user journey minimizes bureaucratic procedures, simplifies, speeds up, and reduces the cost of attracting investments for issuers, while also complying with legislative requirements, providing investors with a safe and simple investment method.

Results

More than 15,000 investors have been attracted to use the platform, with over 80 companies placing  token issuances. Finstore has become a financing search tool for several large enterprises, such as LLC "Foreign Economic Leasing Company", OJSC "BELAZ", State Enterprise "Belarusian Railway", and others.

In 2023, the first issuance of a Russian company was released - LLC "Inko-Energo", and towards the end of 2023, the largest placement on the platform to date occurred - an issuance from the Russian investment holding "Atalaya" for $40 million USD.

Vebtech offers сomprehensive software solutions to optimize the funding process:

To arrange a strategic meeting and obtain more detailed information, please contact Vebtech Head of Digital Transformation Consulting.

Contacts
Valery Kozhirnov
[email protected]

About the Client

Bank BelVEB - one of the  leaders in the FinTech domain among commercial banks, is known for its use of advanced, high-tech banking solutions that align with the best international practices.

Business Challenge

Bank BelVEB's existing mobile application was outdated and did not meet modern user expectations. The application was non-native and failed to cover the business's needs.

The client required a new, more functional application built from scratch using microservice architecture for iOS and Android systems. The challenge was to develop this mobile banking application within a tight timeline of 10 months, which the team successfully reduced to 7 months.

Project Overview

Through brainstorming sessions, high-level requirements were gathered to outline the desired features. The team began working on the concept and design concurrently. The project scope and required functionalities evolved throughout the development process.

As a result, a multifunctional application was developed.

UP is the mobile banking app for iOS and Android which allows users to manage their finances, subscribe to service packages, link various cards to current accounts, exchange currency at special rates based on the exchange amount and service package, issue both physical and virtual cards, make payments and transfers, locate bank branches and ATMs using online maps, and use the integrated Marketplace.

Duration: 7 months

Development Process
The development process was thoroughly planned and executed in several stages:

• Consulting and Business Analysis: Initial meetings and brainstorming sessions were conducted to gather high-level requirements and understand the client’s vision. This phase included consulting with stakeholders and conducting a thorough business analysis to ensure alignment with Bank BelVEB's goals.
• System Architecture Design: A detailed system architecture was designed to expand the application's functionality and ensure uninterrupted operations. This architecture was based on a microservice approach, providing flexibility and scalability.
• Native Mobile Application Development: The development of native mobile applications for iOS and Android platforms was undertaken. Key features included money transfers using phone numbers, integration of cards from other banks into a single wallet, instant virtual card issuance, and online courier delivery ordering with a bank card.
• Feature Integration: Additional options for user access, such as PIN code, fingerprint, and Face ID authentication, were incorporated. Integration with online maps was added to display bank branches, ATMs, and currency exchange locations. A Marketplace service was integrated, enabling users to make online purchases, order tickets for events, call a taxi, or buy insurance online. Acquiring services for non-cash mobile payments were also connected.

Key Functionalities

The "UP" mobile application offers a range of functionalities aimed at enhancing user experience:

• Money Transfers: Users can transfer money using phone numbers.
• Multi-Bank Wallet: The app allows integration of cards from different banks into a single wallet.
• Virtual Card Issuance: Instant issuance of virtual cards provides users with a secure option for online payments.
• Authentication Options: Various user authentication methods, including PIN code, fingerprint, and Face ID.
• Online Maps Integration: Displays bank branches, ATMs, and currency exchange points.
• Marketplace Integration: Provides access to a marketplace for online purchases, ticket bookings, taxi services, and insurance purchases.
• Non-Cash Mobile Payments: Enables non-cash mobile payments through the app.

Conclusion

The "UP" mobile application transformed Bank BelVEB’s mobile banking experience by meeting contemporary user needs and supporting a wide range of banking and partner services through a modern, efficient platform.

In an era where data privacy and regulatory compliance are paramount, Vebtech introduces Consent Management System (CMS). The system is designed to facilitate the automation and centralization of customer consent management across digital interfaces, ensuring alignment with data protection laws globally.

Product Overview

The CMS is a scalable solution developed to automate the complexities of consent management. Its capabilities ensure that businesses can seamlessly handle consent in compliance with data protection laws. The system's integrative design allows for a unified consent database, accessible through a centralized API, facilitating ease of management and audit readiness.

Stack

Made with ASP.NET Core, .NET 7, C#, PostgreSQL for the backend, and React alongside nginx for the frontend, the CMS offers security and reliability. The design prioritizes user convenience, enabling admins to easily manage system.

• - Unified Database of Consents: Centralizes all customer consents, enhancing the ability to track and manage them efficiently.
• - API Integration: Facilitates seamless interaction with the organization's front-end systems, allowing for comprehensive data governance.
• - Regulatory Compliance: Ensures the CMS is in strict adherence to the Republic of Belarus's legislation, setting a compliance standard that can be modeled for other regulatory environments.
• - Operational Efficiency: Optimizes the workflow for data protection officers, streamlining their daily tasks and improving overall data management practices.

Results

Since its inception, the CMS has notably decreased administrative burdens and mitigated compliance risks for over 200 companies. In one instance, a major bank's implementation led to a 50% reduction in consent-related inquiries. Such results reflect the system's effectiveness in enhancing data privacy operations and compliance.

Future outlook

As data privacy laws continue to evolve, Vebtech's CMS remains a pivotal solution for businesses needing to adapt quickly to new compliance challenges. Vebtech's ongoing commitment to innovation is evident in its continuous system enhancements and client-focused consultations.

Client Background

BelVEB BusinessHub is a platform included in the ecosystem of OJSC “Bank BelVEB”. It allows sellers and buyers to receive reliable information about each other, choose partners and goods, and conclude profitable secure transactions using the tools of BelVEB Bank and additional services provided by the platform.

Challenge

In order to test and improve the ability of the web application to resist cyber attacks, VEBTECH had to identify all the security weaknesses of all components of the web application and reduce the risk of the misuse of network services.

Solution

To conduct high-quality complex testing of the web application and its components, VEBTECH penetration testers used OWASP and NIST methodologies. This approach allows you to identify the most important security flaws in the web application and its infrastructure, and provides detailed instructions on how to eliminate the detected vulnerabilities.

VEBTECH presented a solution that included:

• External and Internal penetration testing;

• Vulnerability Assessment: Detect all vulnerabilities in the target web server and application servers using well-known automated tools, develop custom tests, and manual instrumentation testing.

• Static analysis of source code for vulnerabilities and misconfigurations.

Results

• White-Box penetration testing with the provision of a detailed report containing the testing methodology, a description of vulnerabilities and configuration weaknesses that could be exploited by an attacker, a risk assessment and recommendations for eliminating or minimizing risks.

• Static analysis of the code for vulnerabilities and security flaws with the provision of a detailed report in the format of a developer's workbook.

Client Background 

Coinchange is a digital asset management company that merges services of traditional finance with digital currencies and assets in a safe, convenient and profitable way. Coinchange  is  also  a  fintech platform  that  aims  to  bring  DeFi  and  crypto  wealth management  to  the  general  public  and  provide  high-yield  passive  income,  making everyone a successful investor. 

Challenge 

Aiming to enhance the protection of the web application app.coinchange.io against cyberattacks, VEBTECH needed to identify all security weaknesses of the  web application and mitigate the risk of the misuse of network services. 

Solution 

The security testing approach suggested by VEBTECH was based on OWASP security testing guidelines. VEBTECH presented a solution to Coinchange, which included: 

•Black Box web application Security Testing; 

•Vulnerability Assessment:  discovering all vulnerabilities in  the  target  web  and application servers with the use of known automated tools, developing specific tests and manual instrumental testing. 

Results 

Black Box Testing with the provision of a detailed report that contained: 

•Description of the application testing methodology; 

•Application overview; 

•Severity level and description of vulnerabilities and configuration weaknesses that can be exploited in application components; 

•Evidence; 

•Recommendations for eliminating or minimizing risks; 

•Reference Information.