Bradley Du Chenne, CEO of Koalay.com, provided significant details about the data security of Koalay.com as a system where thousands of customers get price quotes and insurance policies every day. He explained how customer information is kept secure in the system, adding that securing the personal data of their users was one of the most important components of Koalay's service.
Underlining that Koalay.com website is certified with the highest green bar SSL certificate, Bradley Du Chenne informed that it was a security protocol used to secure data between 2 machines using encryption. Bradley Du Chenne reminded that personal information that is entered into the website such as names, telephone and emails, TC numbers, plate and vehicle registration numbers as well as credit card information, are all encrypted from hackers or spies using that SSL security protocol. He added: “Some sites only use the SSL certified protocols on their payment screens, however, Koalay.com has ensured that our entire website from start to finish is protected and encrypted using SSL. Customers can rest assured knowing that their information is safe on our system. In late 2014 we experienced a 12 hour continuous DDOS attack, which is often used by hackers as a smoke screen to distract and find back doors into systems. Thanks to the combination of our SSL certificate and the secure technology in our hosted environment, we ensured that none of our customer or internal confidential data was exposed during this attack.”
Emphasizing that Koalay.com is audited by the Treasury Department as a broker, Bradley Du Chenne said: “All our IP addresses are defined by Insurance Information and Monitoring Center (SBM) and authenticated by insurance companies, so no purchasing transactions will happen without the knowledge of these.”
Bradley Du Chenne also provided information on security systems utilized by Koalay.com, and said that the trust in online purchasing was already low in Turkey, especially when it comes to online insurance purchasing. He said that Koalay.com therefore made sure that throughout their entire process of online and call center purchase, they took the precautions to protect the customer’s information.
Reminding that they are not involved in the transaction as the broker, he said: “We are only facilitating the passing of credit card information from customer to insurance company, through an encrypted web-service. If the customer buys with the assistance of the call center, we allow them to input their credit card information into the system by entering the digits into an IVR. The sales consultant has no visibility of the details, and once the information is passed through the web service to the insurer, it is deleted.”
In addition, he underlined that they also developed a custom credit card fraud detection system, a sophisticated algorithm to prevent any stolen or credit cards to be used on Koalay.com.
Stating that they have been operating in accordance with the Law on the Protection of Personal Data since 7 October 2016, Bradley Du Chenne said: “All personal information entered into our system and passed onto third party systems (such as IP address, personal and contact information, personal identification, vehicle and license plate information, credit card information), again are all done through the highest security encryption. We request the customer’s permission when using our system to appoint us their broker and have us be their representative to oversee their insurance interests regarding the offer acceptance, selection and purchasing processes. As mentioned, we do not retain credit card information. We do however, retain and use the personal and vehicle information to provide them with fast, easy insurance services, as long as the individual permits this. Customers of course have the right to know how the information is being processed, for which reasons it is being processed, and have the right to request the deletion of this information, which we easily allow through email and call center channels.”