In order to be more trusted by users, DANA Improves its Platform Security System


Gadgetren – On the occasion of an online discussion, the DANA e-wallet and e-money applications conveyed their achievement in February 2022 that they have earned more than 100 million users and 5,000 online merchants.

This amount is accompanied by transaction activities per day of approximately 7 million. It is said that DANA itself has obtained a Security Score Card as a benchmark for domain security posture from independent assessors and is claimed to have achieved the top rank with an A score. Previously, in 2021 DANA started the Security Score Card with a B value.

In line with this news, DANA has also disclosed its strategic plans going forward so that users will have more confidence in using the DANA application for various transactions or other financial activities.

This is related to the findings of the Indonesian Digital Literacy Index Survey which states that the digital literacy index in Indonesia is in the moderate category with an index score of 3.49 and digital safety knowledge in Indonesia gets the lowest index score of 3.10.

In addition to doing a lot of education and collaboration on various occasions, such as not simply giving OTP codes to anyone to avoiding fraud in the form of acting on behalf of DANA either by telephone, website, or social media.

DANA also presents a security system that is tailored to the characteristics and needs of users to prevent unwanted events such as digital attacks such as Phishing, Social Engineering, and others.


On the other hand, DANA said that digital attacks will continue to develop so that security systems must be built according to the existing attack situation.

For user security, DANA will use a zero data sharing policy, namely the use of security technology ranging from PINs to self-developed facial verification technology known as DANA VIZ (Visual Identity Authorization) and regularly update ISO and PCI-DSS standards.

Furthermore, the DANA digital security system will be supported by DANA Protection which guarantees a refund of the user’s money in the event of a failure in the transaction. Fath Ade Surya as DANA’s VP of Risk Management explained that DANA has implemented controls to minimize the risk of digital security attacks on its application.

For example, using the risk engine Robo Detection system which has more than 1,000 models or transaction security risk cases. If a transaction is detected as fraud or a data breach is suspected, it is considered a failure, if the transaction is not fraudulent, it will be continued.


Fath revealed that the majority of fraud cases that DANA customers often complain about are phishing and scams. “The problem is also related to the low level of digital security literacy,” he said.

Norman Sasono as DANA Indonesia’s Chief Technology Officer said that DANA has used multiple layers of protection. First in terms of network, DANA uses digital signature security and NSA, SSL Pinning, and Https.

For site security, use a private key to enter the account and the risk engine. As for mobile devices using footprint, root device check, and UAP. Meanwhile, the DANA application uses a PIN, SMS OTP, Face Authentication, DBS, and security questions.

Teguh Aprianto as Cyber ​​Security Researcher & Consultant believes that DANA is effective enough to protect user data to prevent account theft. “Not only using OTP sent via SMS but also using PIN and facial verification,” he concluded.