4 cloud security concerns USPS: https://about.usps.com/handbooks/as805h/as805h_ch4.htm https://www.owasp.org/index.php/Authentication_Cheat_Sheet https://www.martechadvisor.com/articles/customer-experience-2/recommendation-engines-how-amazon-and-netflix-are-winning-the-personalization-battle/
What it does
Security: In addition to regular login we check for 5 rules: Device authentication Location based Auth Subsequent logins from different locations in a short span Unauthorized access (Continuous auth failure) High valued transactions If any of the above rules are violated a 2 way auth (Text alert/OTP via registered mobile)is triggered .
Recommender system implements: Recommending discounts in services based on their usage of services. Suggestion based on similar services used by the users in the past. Past mail history based recommendation. Recommendation based on delivery date desired.
How we built it
We built the frontend using react.js and backend using Node.js for the security part. Whenever the authentication fails, an email alert is sent to notify the user of potential threats or frauds. For the recommender system part we used R language. Here the customer who is looking at a particular service gets recommendation of other services which is relevant and which maybe of use to the customer based on past activities of users.
Challenges we ran into
One major challenge that we faced for the recommender system part is that we do not have access to sufficient data to provide optimum recommendations. Because of which we had to make our own dummy data and work on it. Also even though we had planned to cover many more aspects in security we had very limited time and were not able to work on some of those ideas. In spite of which we were still able to implement the major ideas that were planned.
Accomplishments that we're proud of
We are glad that we were able to work as a team and coordinate the work properly and complete a lot of things in limited time. Which would not be possible without the cooperation and contribution of each and every member of the group.
What we learned
Time management and how to work with real world scenarios
What's next for SecReT
We will try to improve the current system by adding additional and efficient features to it, to make it more useful for the customers.