Security. Developers are generally motivated by their curiosity to work on cutting-edge technology and solve real world challenges for users. Securing code is not always the most attractive part of those motivations, but it is a key part of the value. Certainly when working in the world of financial services, for a firm that builds code to transfer huge volumes of money across the globe, security can never be an afterthought.
Currencycloud is an API-led tech company. However, operating in the financial services sector means that as developers, we follow regulatory and security standards that are equivalent to those seen in traditional banking – from pen tests to reviews throughout the build process.
1. Prioritize security without disrupting innovation. One of the challenges for us was prioritizing security, without blocking the delivery of our key value proposition of seamless, fast cross-border payments. It’s an integral part of what we do, but it’s never seen as a burden for the developer team. In my view, this subtle mind-shift needs to be commonplace across the developer community for technology more broadly, whether engineers are building an international payments system or a face swapping photo app. However trivial the software may seem, the data behind it invariably carries a high value, and can cause harm if it falls into the wrong hands. On top of that, the reputation damage of a security breach can be disastrous for the company and its customers.
2. View security as essential part of product quality. A developer’s number one priority is quality. Delivering beautifully designed, maintainable software that delivers a great user experience – and fits the (often complex) brief. And security is an essential part of that quality. It can’t be a tick box and an eye roll at the end of the process, but a cultural approach that is built in throughout and involves ongoing testing during the build stage.
As data hacks and known vulnerabilities become more commonplace, regulation is clamping down on technology, regardless of which industry it sits in. In line with this trend, developers are being evaluated based on the depth of their security know-how and credentials as much as their software and speed of delivery.
Now’s the time to embrace this inevitable shift and take a look at how your organization is managing the complex juggle of security and innovation. If you’re building an international payments app or platform, check out our documentation to see just how simple the process is. Then our tech team would love to chat with you about how our security protocols can support your innovation. Drop us a note.