Login

How Finder Protects 300,000 Users’ Financial Data With Auth0

Why brute force detection and breached password detection are essential parts of the comparison website’s data security strategy

About

Every month 2.6 million unique visitors turn to Finder to save money and time, and to make important life choices. We compare virtually everything from credit cards, phone plans, health insurance, travel deals and much more. Our free service is 100% independently-owned by two Australians: Fred Schebesta and Frank Restuccia. Since launching in 2006, Finder has helped Aussies find what they need from 1,800+ brands across 100+ categories. Finder is a global comparison site with offices in Australia, the United States, the United Kingdom, Canada, Poland, the Philippines, and has over 400 crew globally.

Industry

Financial Services

Region

APAC

With 2.6 million unique monthly visitors, Finder is Australia’s most visited comparison site and a go-to destination for Aussies to compare the best deals on everything from credit cards and mobile phone plans to health insurance and travel deals. And their reach is expanding with strong growth in the US and UK.

When Joe Waller joined the team as Finder’s first Chief Product and Technology Officer in 2018, one of his first moves was to reinvent Finder’s membership program. While Finder’s existing model wasn’t broken, Waller saw an opportunity to better serve users by leading the development of the Finder app – an Australian-first app that connects users’ bank accounts to track their spending habits and identify where they could save by switching products. To do this, Finder needed a robust security solution that would keep users’ financial data secure.

“When our users provide us with membership and financial information, they are placing a level of trust in us, and it’s important that we honor that trust.”

Joe WallerChief Product and Technology Officer

Using an Identity & Access Management (IAM) Platform to Reduce Attack Surface

The protection of users’ data has always been of utmost importance to Finder and this was a key consideration in the creation of the Finder app. 

Using multiple user systems, including a main website service and credit score service, meant Finder could benefit from a solution that utilized a number of features to improve user data security and to consolidate several stores of user data into one unified system. "We wanted to reduce the potential attack surface, and consolidating our member data into a single, secure system was the best approach." 

Ultimately, Waller wanted to build a fortress around user data by integrating security into all aspects of the platform. “When our users provide us with membership and financial information, they are placing a level of trust in us, and it’s important that we honor that trust.” 

"We wanted to reduce the potential attack surface, and consolidating our member data into a single, secure system was the best approach."

Joe WallerChief Product and Technology Officer

Auth0’s Features Fortify Finder’s Data Stronghold

When Finder began moving towards a microservices architecture and building their app, they sought out an authentication provider that could provide “best-in-class” security. Once the decision to use Auth0 was made, Finder started to migrate hundreds of thousands of user accounts to the new system. 

One of the most important security features Finder uses is anomaly detection. It prevents malicious attempts to access the website or the Mobile application as well as blocks further login attempts. “Anomaly detection has proven to work,” says Waller. Brute force detection identifies potential attacks and blocks the offending IP. “It's good to see the defensive capabilities of Auth0 in the wild." 

Finder further secures their data by fully integrating Auth0 into their membership flow, with tokens refreshing regularly. This continuous authentication strengthens the walls of Finder’s data fortress. “It’s part of a ‘defense in-depth’ security strategy,” says Waller. “If you've somehow gotten through the castle walls, we don’t necessarily assume that just because you’re inside, you’re allowed to be inside. It’s safer to keep running additional checks, and so we continue to re-authenticate users.”

“Anomaly detection has proven to work. It's good to see the defensive capabilities of Auth0 in the wild."

Joe WallerChief Product and Technology Officer

Strong Security is the Bedrock of Finder’s Business Model

The Finder app launched in mid March 2020, with plans to then roll it out in the UK and the US. Outsourcing identity management helped Finder build a better app, faster. “Trying to build out authentication ourselves would divert all of the hundreds of engineers that we have working on key products and features for our members,” says Waller. 

Waller believes that a secure member platform is the foundation for Finder’s future: “For me, it’s a license to innovate safely and securely. Without a solid member platform that’s secure, we wouldn’t be able to innovate as quickly as we do. Any future work that we create, we make from eligibility programs or membership data which Auth0 has made possible.”

“Without a solid member platform that’s secure, we wouldn’t be able to innovate as quickly as we do. Any future work that we create, we make from eligibility programs or membership data which Auth0 has made possible.”

Joe WallerChief Product and Technology Officer

About Auth0

Auth0, a product unit within Okta, takes a modern approach to identity and enables organizations to provide secure access to any application, for any user. The Auth0 Identity Platform is highly customizable, and is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.

9K+

Enterprise customers

70+

Countries with Auth0

24/7

Support coverage

Get started →

Signing up is free. Experience Auth0 for yourself and see how we help companies of all sizes make their organizations safer.