This was my first meetup since I graduated from my coding boot camp and since COVID.I enjoyed flexing my networking muscles and talking to people with similar interests. At the end of the night, there was a raffle with the group and I won a ticket to MOOV's first fintech_devcon. A financial tech conference focused on developers.
I have never studied or looked into financial technology before. I decided to research a few of the companies and some of the speakers to gain a better understanding of what to expect.
During the first day, I went to some great talks. Speaking with some of the sponsors and getting all the free swag. But the best part for me was networking and taking part in workshops. getting to talk with some people there seeing all the people who worked in the space and seeing the variety of smaller and larger companies. That helped me think about what I could do if I were to go into tech development in that field.
However, it was two workshops that hooked me the most. Skyflow was the first one. The workshop focused on data vaults and their impact on massive companies such as Netflix and other health and neo banking groups. It allowed Netflix to organize the haphazard way they stored the data they recorded and to find a centralized source of truth for all their data on each of their shows and movies. That definitely went over my head, but I loved the easy way that Adyens utilized a data vault to show specific users with permissions information that might be harmful if leaked. Below is a photo that shows how the company used the data vault to avoid copying and pasting the same database for every use but instead giving specific access to specific groups so that there is a single database source of truth.
We created a poor mans version of the data vault as Akshat and Evis who lead the group described. We used it to make a storage for credit card information. storing the card holder name, card number. then using a MongoDB backend to store the information and create a token system. that would detokenize the card information for us as the specific user with permission to see only the credit card number and nothing else. was a great workshop on showing a basic use for the datavault and how you can easily protect the data from anyone without the permission to see it and even if there was some breach having that on piece of info wouldn't be helpful with out the CVV the name of the person or date on the cards.
below see the vault functions we created to do those tasks.
Vault.prototype.insert = async function (cardHolder, cardNumber, expDate) {
/* TODO */
await this.client.connect()
var cardHolderToken = this.tokenizeCardHolder(cardHolder)
var cardNumberToken = this.tokenizeCardNumber(cardNumber)
const tokens = this.clinet.db ("db name").collection('tokens')
const cards = this.client.db('db vault').collection('cards')
try {
await tokens.insertMany({
token: cardHolderToken,
calue: cardHolder
},
{
token: cardNumberToken,
value: cardNumber
})
} catch(error) {
console.log()
return false
}
try {
await cards.insertOne({
cardHolder: cardHolderToken,
cardNumber: cardNumberToken,
expiryDate: expDate
})
} catch(error) {
console.log("error")
return false
}
}
Vault.prototype.tokenizeCardHolder = function(cardHolder) {
/* TODO */
return uuid()
}
Vault.prototype.tokenizeCardNumber = function(cardNumber) {
/* TODO */
return uuid()
}
Vault.prototype.detokenize = async function(token) {
/* TODO */
await this.client.connect()
const tokens = this.client.db('db name').collection('tokens')
doc = await tokens.findOne({token: token})
if(doc) {
return doc.value
} else {
return
}
}
Vault.prototype.get = async function() {
/* TODO */
await this.client.connect()
const tokens = this.client.db
const cards = this.client.db
cursor = await cards.find({})
results = []
await cursor.array.forEach(async (doc) => {
results.push(doc)
});
console.log(results)
}
module.exports = Vault;
If you can I say stretch your developer niche a bit who knows maybe you'll find something as cool as this workshop I did that has made me rethink how I would develop in the future when dealing with sensitive data. but also how I would store just normal data to make it more functional for my or my user needs.
Top comments (0)