With the effect of the global pandemic, the technological breakthrough process of almost every sector has now become a necessity. Pointing out that companies are struggling with the effects of an unprecedented year due to pandemic while trying to keep up with increasing competition and changing customer preferences, Burak Sol, SFS's Executive Vice President of R&D and Software, said: “While ‘digitalization’ was seen as a reason for competition in the past years, it became a necessity to survive and stay in the game today. This situation is not different for the insurance sector. The sector, which experienced a shrinkage last year, wishes for a strong return in the current year, and insurance companies wish to offer their products to their customers in the fastest and most effective way.” “So are we safe enough in this rapidly evolving and transforming digital world? Is the ‘Right to Privacy’ and ‘Protection of Personal Data’ of all stakeholders, especially the insured ones, effectively ensured?” In response to these questions, Sol said: “We are at the cutting edge of integrations with all institutions and organizations in order to be able to bid faster and provide the user with a better service and procurement experience. It is the ultimate goal of every system to gather maximum information by asking for minimum data from the user. We have responsibilities such as preventing the illegal processing of and access to the obtained data and information, securing such information, preventing it from being used for different purposes, and ensuring that access is subject to data masking and is traceable when necessary in line with the authorizations. In addition, such data and information must be protected against all kinds of attacks.” “Our efforts on the Turkish Law on Protection of Personal Data, which entered into force in the past years, continues at full speed, as it is an important field for us. We not only bring insurance companies together with the insured end-to-end with digital platforms in a fast and effective manner, but also take care to protect all kinds of data and information collected; and we are developing our systems with this awareness,” said Burak Sol, and explained the LPPD (Law on the Protection of Personal Data) efforts as follows: “As a result of the integrations with the ‘Insurance Information Center’ and ‘Identity Information Sharing System’, which are the leading components of the insurance ecosystem, we have performed our project to store data in accordance with applicable laws, to display and share data on screens with data masking in all desired sales channels, including digital platforms, in line with the authorizations. We carry out this project as part of our efforts on LPPD. With such improvements, we managed to prevent data leaks based on negligence or stealing of passwords. Afterwards, we displayed the minimum data required for the user, again in an identifiable format on the screen with data masking, depending on the authorizations. With such improvements, we managed to prevent data leaks based on negligence or stealing of passwords. Afterwards, we displayed the minimum data required for the user, again in an identifiable format on the screen with data masking, depending on the authorizations. We provided all of these through a software-independent central authority management structure that can be easily identified and monitored by data managers. In this way, we have established a system where we can manage who can access which data, when and how, and questions such as who accesses which data, when and through which channel can now be answered in more detail than ever before. Moreover, we have added the date of birth information as “optional” besides the identity number of the person in order to access personal information from the ISS system, which is planned to become a legal obligation in the future. In addition to user and data security, we have activated the use of captcha, which can distinguish between human and computer against information theft and malicious attacks. We have implemented a multi-criteria identifiable limit structure for data analysis processes, including all digital and basic insurance screens, especially for web services.”

“We do not only define ourselves as a software and technology provider in this process,” said Sol, adding: “With our experienced consultant teams, we also provide consultancy for insurance companies to protect and improve their competitive advantages, to ensure sustainable profitability, and to deliver their products to their insured customers in a fast, effective and purposeful manner. In order to provide all these services, we believe in effective, balanced, and sufficient security, which is expandable with easy identification when requested without interfering with the software. In line with our principle of ‘Identify One Time, Use Everywhere’, we care to ensure that the identified authorizations and restrictions can be used simultaneously in all digital channels such as web services, portals, mobile channels, and basic insurance systems without any additional effort. To ensure end-to-end data and information security, we address the systems in a categorized manner with headlines such as data discovery and analysis, authority matrix, operational processes, scheduled tasks, user security, traceability, and reporting,” said Sol, and concluded his speech as follows: “We have designed our solutions in such a way that they can be easily used not only by SFS systems, but also by the entire insurance sector, by even different sectors, and can be accessed with API layers. Thanks to the central authority matrix, we are able to provide data security not only for insurance but also for the different systems you use.”

‘PARAMETRIC AND FLEXIBLE SOLUTIONS’

Ray Sigorta Information Technologies Director Ceyhun Ulu said, “Instead of offering conventional fixed solutions, SFS provided parametric and flexible solutions for the implementation of the provisions of ISS Agreement. For example, the fact that we can perform masking on the basis of user groups for all areas in the system, has addressed not only the issues related to ISS provisions, but also our current and future needs within the scope of LPPD and information security. Moreover, the results of the added security measures and the fact that the measures can be changed on the basis of users and agencies enabled us to adapt to changing needs much easier and faster. We started to use 2FA with a pretty much of a smooth transition. We would like to extend our thanks to the SFS family.”

‘IT WILL BE A KEY ALTERNATIVE’

Zafer Emir, Deputy General Manager at Quick Sigorta Information Technologies, said the following about the KPS project: “The fact that online insurance transactions have been increasing rapidly in the last few years and the pandemic's intensifying effect on this speed have caused the concept of information security to become even more important. Therefore, this change in regulation will make an important contribution to the prevention of data theft and abuse of systems that the insurance industry, especially agencies, have experienced during the pandemic period. As such, the first phase Identity Information Sharing System project we have undertaken together with SFS, one of our insurance solution partners, has been successfully completed by fully complying with the transition dates given by the Insurance Information and Monitoring Center. The fact that the project has been designed in accordance with the flexible and parametric structure like in SFS's Basic Insurance Application, provides great convenience and diversity in the management of needs. When all phases of the Identity Information Sharing System project are completed, it will be an important alternative, especially for companies using SFS infrastructure, among the software needed within the scope of LPPD.” Zafer Emir