GDG x Emirates NBD CODATHON

Challenge Statements
23rd Nov – 24th Nov 2018
Hello and Welcome,
DevFest UAE 2018, the largest annual Google Developer Groups tech event in the UAE, is a two-day
event that provides an opportunity to connect and learn all about Android, Web and Cloud from Emirates
NBD, Google and world experts. This year’s event includes workshops and panel sessions on a range of
hot topics including G-Suite, Google Assistant, UI/UX Design, and Artificial Intelligence, among others. The
event is being attended by GDG members in addition to students from the OpenUAE initiative, in
partnership with Emirates NBD.

We invite passionate developers and technologists to create innovative and impactful solutions.

Building on Emirates NBD’s commitment to drive innovation in the financial services industry, we
are hosting a CODATHON, a tech hackathon, part of DevFest 2018, that connects the brightest
young minds in the growing field of digital technologies.
 23rd November, Friday
24th November, Saturday
09:00
Kick-Off Presentation 11:01
GDG x Emirates NBD
10:01 Codathon ends
GDG x Emirates NBD
Codathon starts 11:01 to 14:00
Business Mentorship on Lunch

Codathon Challenge Themes

Elevator Pitches
Pre-screening - Curation of
Solutions by judges and
mentors
Agenda 24 hour cycle
coding starts
14:00 to 15:00
All teams prepare for pitches
based on mentor feedback

15:00 to 17:00
Shortlisted teams announced
on the spot for final pitching
Winner declaration
Awards Ceremony
Vote of Thanks
Challenge Statements
 1. Voice
Build a SDK or algorithm that can
Biometrics authenticate customers by their
Adopting Biometrics to provide multi-layered
security, thus introducing elevated contextual
voice on different channels such
customer experiences
as ALEXA, Google Home, IVR,
Video Banking, Mobile App, etc.?

With an increase in digital banking adoption, identity frauds are on the rise. In the wake of this, banks have taken it upon themselves to add newer factors of
authentication like face, voice, etc. The mechanics uses voice patterns to produce unique identification for every individual, using multiple physical and behavioral
factors. These include pronunciation, emphasis, speed of speech, accent, etc. Voice biometrics can be active where the customer states a passphrase like “my voice is
my identity” or can be passive to listen in the background of a conversation and identify the customer.

Voice authentication offers a seamless user experience, as the uniqueness of each customer’s voice allows them to get straight to the point without annoying PIN, OTP,
Security Questions and other verification processes.

If we need to introduce Voice Banking effectively via Alexa, Google Home, we need to have a capability to identify customers using their voice print, thus preventing
frauds and avoiding long manual validation processes. This lead us to our first challenge “Build a SDK or algorithm that can authenticate customers by their voice on
different channels such as Alexa, Google Home, IVR, Video Banking, Mobile App, etc.?”

To help your thinking further, here is some more material that will help you get acquainted with what industry view on the subject:
https://www.finder.com.au/the-rise-of-voice-biometrics-in-banking
https://www.voicesummit.ai/blog/voice-biometrics-in-banking-call-centers-and-even-catching-criminals
https://biometrictoday.com/voice-biometrics-in-banking-future/
 2. Smart
Build a Machine Learning
Security algorithm(s) to detect and analyze
Bringing next-gen security capabilities into the
digital landscape of the bank via cyber security, Malware on a network or
continuous monitoring, testing & experimenting
with new technologies workstation?

Determining function patterns associated with known vulnerabilities via malware family analysis, phishing identification, identifying malicious
scripts and domains etc. are critical to the underlying efficiency of the bank. Using AI, good-behavior models look out for anomalous and
malicious activities that don’t match the models. They typically look for anomalies such as excessive use of resources(CPU/Memory), unusual
amount of data being transferred, invocation of processes that have never been used before. However, flagging off all anomalies, might result in
too many false positives. Hence, anomalies must be further evaluated using bad-behavior models, thus reducing the amount of false positives.

So this brings us to our third problem “Build a Machine Learning (ML) algorithm(s) to detect and analyze Malware on a network or workstation?”

Here are some interesting opinions from others:

1. https://www.datanami.com/2018/01/25/deep-learning-approach-detecting-unknown-malware/
2. https://www.technologyreview.com/s/610881/with-this-tool-ai-could-identify-malware-as-readily-as-it-recognizes-cats/
 3. Intelligent
Build an algorithm to effectively
Recognition identify a) legitimate, b)
Using machine vision as an enabler technology to
augment the operating efficiency of the bank -
counterfeit and c) tampered
alternate input source, data extraction, process
automation, etc.
documents - Emirates ID or any
ID’s

Using machine vision as an enabler technology to augment the operating efficiency of the bank - alternate input source, data extraction,
process automation, etc.

Fraudsters often submit tampered documents, and currently these have to be manually detected by humans. Using machine learning and data
forensics techniques it’s possible to automatically detect forgeries as well as identify anomalies that wouldn’t be picked up by the human eye.
Machine learning algorithms look for inconsistencies in coloring, patterns, fonts, holograms and technical aspects like levels of JPEG
compression across the image to detect edits.
However, even valid documents often get flagged of forged, as these physical documents are subject to wear & tear, manufacturing errors,
printing mismatch; in addition to which the way these documents are captured depending on camera quality, glare, blur, light, etc., also affects
the outcome of the algorithms.

This leads us to our third challenge “Build an algorithm to effectively identify a) legitimate, b) counterfeit and c) tampered documents such as
Passport, Emirates ID and bank statements ?”
 4. Developer
Build a logic or a framework or an
Experience intelligent capability during the
Bringing intelligence to identifying the business
logic quality within a module is critical to the faster
automated code review process to
and agile delivery
verify that a critical business logic
has been changed before a
production release
Leading source control applications provide features such as version control, check-ins on one change basis, powerful branching and merging, shelving and check-in
policies. When a group of developers attempt multiple changes across different files, there are scenarios under which certain business logic functions (such as pricing
calculation, interest forecasting, average balance calculation, authentication, OTP creation etc. ) must be sensitive to any major change to such modules

Bringing a clever way to detect any changes to core business logic would make the experience of the developer better.

Build a logic or an intelligent capability during the automated code review process to verify that a critical business logic has been changed before a production release

Example: There is a two-step verification for logging into an application, password and OTP. For any reason if OTP source code is modified such as validation of entered
OTP to actual is skipped, leads to security issue. Assume this critical issue is not captured in code review and testing. It will be a great help if some automated way
verifies this critical functionality and alerts on the modification.
 5. Quantum
Build a cryptographic protocol
Crypto
Exploiting quantum mechanical properties to
using a combination of
perform cryptographic tasks is an emerging space.
Future of Cryptography changes Quantum Computing &
Normal Computing that is
Quantum resistant.
The unparalleled speeds and power of quantum computing can pose both a threat and a benefit for the future security. With the widespread adoption of quantum
computers, the current data encryption will become totally useless. Currently, cracking a password takes a considerable amount of time. With quantum computers at your
hand, cracking a password will be no problem at all.

Most of the IT security methods, today, are based on the assumption that a classical computer will require an extraordinarily long period of time to crack the code. Since
the quantum technology increases its speeds by crossing the classical computing limits, they will have no problem in processing the information and breaking the security
in a limited period of time. With such advent, our computers and financial institutions will be rendered vulnerable to any kind of cyber-attacks.
Fortunately, a new kind of security, quantum cyber-security, is already seeing to that problem by considering all the risks that quantum methods might pose to the digital
world. Further, it is also aimed to work on the quantum-key distribution, true random numbers and quantum safe algorithms.

Quantum computing has the potential to reduce the entropy/key space while normal computing can focus on brute forcing that limited key space.
This leads to our fifth challenge “Build a cryptographic protocol using a combination of Quantum Computing & Normal Computing to crack passwords and/or break major
cryptography engines.”

Here are some interesting opinions from others:

https://www.americanbanker.com/news/why-banks-like-barclays-are-testing-quantum-computing
https://www.wired.com/story/quantum-computing-is-the-next-big-security-risk/
https://www.eetimes.com/document.asp?doc_id=1329155
Good luck and see you soon!