With digital services enabling almost every aspect of our daily life – be it hailing a cab ride, ordering food or paying bills – safeguarding these interactions is becoming more and more critical to ensure that customers’ trust in a service is upheld. Cybersecurity, in all its myriad forms, is becoming increasingly important to maintain and retain this trust.
Careem takes the trust given by its customers, captains and partners seriously. We rely on a comprehensive range of cybersecurity technologies to keep customer data secure and tools like AI and Machine Learning (ML) based modeling to protect customer and captain accounts from takeover and fraudulent activities.
Walking the Talk on Security Paradigms
Sometimes an organization’s security strategy is often loaded with buzzwords that, while eliciting attention, does not provide direct, quantifiable benefits to the customers. Careem looks at security paradigms through the lens of pragmatic applicability, keeping the impact on customer trust at the core of its guiding principles.
Our security capabilities ward off more than 15 million attempts every day, keeping customer data secure and spoiling the nefarious intentions of cyber attackers. We build and fine-tune our security systems to identify, protect, detect, respond to and recover from security attacks in a cohesive manner. Our 24/7 Security Operations Center (SOC) provides round-the-clock vigilant monitoring and swift response by providing automated analysis and investigation of attacks and strictly adhering to our process quality framework.
Securing our Services by Design, Technology and People
Careem keeps its services secure by building and deploying them with adherence to the basic tenets of security – Zero Trust, Principle of Least Privilege and Secure by Design.
The resilient cybersecurity strategy at Careem relies on three prongs of implementation:
Design: ensuring all services and products are designed in a way that is secure by default. We employ threat modeling at the very beginning of a design stage, followed by secure coding practices, use of secure libraries and use of security quality control gates to ensure that the implementation of these products is secure.
Technology: ensuring that cybersecurity controls exist to prevent, detect and respond to security incidents across Careem systems and infrastructures following the principles of zero trust, employing state-of-art web application firewalls, secure resilient gateways, distributed denial of service protectors, etc.
People: ensuring that the usual (unfortunately) weakest link in the digital trust chain is bolstered. Our colleagues are informed and trained on how to protect customer assets, company information and themselves from cybersecurity threats. Information Security awareness campaigns and customer-focused campaigns on how to detect phishing attempts via email, SMS and phone calls ensure that customers and captains can also protect themselves from scammers.
We protect our customers and keep their data secure by following these strategies and implementing security features like data encryption, multifactor authentication and risk-based security capabilities.
Customer Experience and Fraud Prevention
As most financial transactions move online and as Careem starts to help facilitate and mediate these sensitive transactions, we are upleveling the prevention controls we have in place to protect our customers, captains and partners from fraud-related attacks. We use industry leading tools and AI and Machine Learning (ML) based fraud prevention capabilities to ensure that transactions with Careem are secure and protected from fraud.
We are constantly exploring the latest technologies, like push-based 2nd authentication factor, to make our customers’ interactions with Careem both frictionless and secure, providing solutions that combine the best of both worlds for our customers, captains and partners.
As a forward-looking customer obsessed company, Careem invests heavily in security, adopting the best-of-breed technologies and ensuring that we are building the right security culture and awareness in our organization. This article touches on just a few of the things we do. Follow our blog to know more about how we secure Careem and your trust in Careem.
#BeCyberSmart: If you See Something, Say Something, and report any suspicious activity to security@careem.com