bunq is the second largest neobank in Europe, with over 12 million users across Europe. Pioneering many things considered impossible, the innovations bunq brought to the banking industry fundamentally changed how millions of people spend, save and invest their money. bunq’s goal is to make life easy for digital nomads, starting from the way they manage money: how they spend, save, budget, and invest. Building a borderless experience, bunq makes its users’ international lifestyle easy, wherever they are, offering everything a digital nomad needs from a bank.
With safety and security at the heart of bunq, the neobank needed a way to efficiently detect and take down phishing websites that impersonate bunq. Prior to implementing Camunda, this process was time-consuming, manual, and involved multiple teams.
Daily, 1.4 million new phishing sites appear online, and organizations face a complex and ongoing struggle to counter the threat. The proliferation of “phishing-as-a-service” and easily accessible “phishing kits” aggravates the issue further by streamlining the production of these sites and lowering the bar for the know-how needed to create them.
The challenge was to create a unified, automated system to manage phishing site takedowns effectively and promptly, ensuring user security, the best possible cybersecurity practices for compliance, and maintaining the bank’s reputation.
The decision to tackle the problem involved orchestrating various third-party tools to find, request takedowns, and follow up on the process of dismantling fraudulent websites.
Through Camunda’s process orchestration platform, bunq aimed to:
To meet growing user needs, bunq turned to Camunda for its flexibility and ease of integration, which were critical in managing complex processes. Its open architecture allowed for customization to meet bunq’s specific needs. Camunda fitted seamlessly within bunq’s existing tech stack, empowering employees with various technical backgrounds to engage with process automation.
Camunda improved coordination between teams, automating alerts, verifications, and communications. Integration with legacy systems was a potential barrier to success, though phased rollouts and support from Camunda’s team ensured a smooth transition.
Post-implementation, bunq observed a dramatic reduction in the time required to take down fraudulent websites—to mere hours. bunq’s volume of takedown requests has significantly grown, indicative of a more proactive and efficient system.
bunq reports that leveraging Camunda has significantly increased the processing of potential phishing sites, enabling them to take down multiple fraudulent cases every month. bunq can now proactively take down phishing sites before they become active, actually stopping the fraudsters before they can cause any harm.
By reducing manual intervention and errors, plus significantly decreasing the response time to threats, bunq can better and more efficiently adhere to regulatory standards related to cybersecurity and user protection.
Employees across the business can now create processes without extensive training, fostering a culture of process automation and bridging the gap between IT and the rest of the organization.
bunq plans to expand the use of Camunda to automate other security-related processes and continue promoting process orchestration company-wide. By leveraging BPMN and Camunda, bunq aims to improve operational efficiency, further reduce costs, and scale as the company continues to grow.
bunq’s adoption of Camunda has set a precedent within the banking industry for effectively utilizing process orchestration to combat phishing, and in promoting proactive cybersecurity for their users. The cultural shift towards enabling employees to implement their own automation has been pivotal in bunq’s strategy. The neobank now stands as a model of innovation and efficiency, demonstrating the strategic advantages of embracing Camunda’s orchestration technology.
Camunda © 2024