Canara Bank

SuRaksha Cyber Hackathon

264 Registered Allowed team size: 3 - 5
264 Registered Allowed team size: 3 - 5
REGISTER NOW REGISTER NOW
Idea Phase
Online
starts on:
May 26, 2025, 08:25 AM UTC (UTC)
ends on:
Jun 08, 2025, 06:25 PM UTC (UTC)
Prototype submission
Online
starts on:
Jun 15, 2025, 09:30 AM UTC (UTC)
ends on:
Jul 12, 2025, 06:29 PM UTC (UTC)
About Teams FAQs Evaluation Criteria Discussion

Overview

SuRaksha, an initiative by Canara Bank, is a campus-focused hackathon designed to reshape the future of digital security in fintech platforms. In an era of rapid banking digitization, traditional password-based logins are proving insufficient. This hackathon calls upon innovative minds to develop behavior-based user authentication systems that enable real-time fraud and anomaly detection, support password-less login mechanisms, and ensure a seamless user experience — all while upholding the principles of privacy and convenience.

In addition to rethinking authentication, the hackathon addresses one of the most pressing challenges in modern financial services: data privacy. With fintech platforms relying heavily on sensitive customer data to deliver tailored services, safeguarding this data across increasingly interconnected ecosystems is now a critical imperative. Participants are encouraged to propose solutions that not only fortify data security, but also promote transparency, ethical handling, and user trust in data-sharing practices.

Themes

Enhancing Mobile Banking Security through Behavior-Based Continuous Authentication

 

Context:

With the increasing adoption of mobile banking applications, traditional authentication methods—like passwords, PINs, or even biometrics—are no longer sufficient to protect users from sophisticated threats such as account takeovers, session hijacking, or fraudulent transactions. Cybercriminals often exploit compromised credentials or session vulnerabilities post-login.

To counter this, financial institutions are turning to Behavior-Based Authentication (BBA) — a method that continuously verifies a user’s identity based on behavioral patterns such as typing speed, swipe gestures, tap pressure, navigation flow, device handling, and even geolocation trends.

Challenge:

You are tasked with developing an innovative solution for continuous, behavior-based authentication tailored for mobile banking applications.

Your solution should:

  • Learn and adapt to user behavior using machine learning algorithms.
  • Detect real-time anomalies that may indicate fraud or unauthorized access.
  • Trigger adaptive responses such as session termination, re-verification, or limited feature access.
  • Balance security, user convenience, and privacy seamlessly.

Problem Scope:

Address at least one of the following:

  • Which behavioral traits are most effective for robust continuous authentication?
  • How will your model distinguish between genuine anomalies (e.g., user is traveling) and fraudulent behavior?
  • What actions should the system take when an anomaly is detected?
  • How will your approach remain non-intrusive, privacy-respecting, and energy-efficient?

Expected Outcomes:

  • A functional prototype or concept for continuous behavior-based authentication.
  • Use of synthetic or realistic behavior data to validate your solution.
  • Demonstration of fraud detection capabilities with minimal false positives.
  • A clear explanation of your methodology, models, and approach to privacy/security trade-offs.

Considerations:

  • Edge cases: elderly users, users with disabilities, or those under duress.
  • Compliance with data privacy regulations (e.g., DPDP, local IT laws).
  • Optimized performance to prevent excessive battery or resource usage on mobile devices.
Securing Sensitive Customer Data in Fintech Ecosystems with Responsible Data Sharing and Privacy Protection

 

Context:

Fintech platforms are revolutionizing financial services by offering users seamless, personalized, and real-time experiences—whether it’s budgeting, investing, lending, or digital payments. These services rely on the collection and processing of sensitive personal information, including:

  • Bank account details
  • Transaction histories
  • Income data
  • Personally identifiable information (PII)
  • Device and behavioral data

As cyber threats become more frequent and complex, customer trust is declining, and regulatory scrutiny is intensifying. This is further challenged by the rise of data-sharing ecosystems—where fintech companies integrate with third-party services and APIs (e.g., Open Banking). While such integrations unlock innovation, they also introduce risks like data overexposure, unauthorized access, and reduced control over customer information.

Challenge:

You are invited to design a solution that enhances data privacy and protection in fintech environments—particularly when sharing data with external entities.

The central question is: "How can fintech companies share data responsibly—preventing misuse, enforcing boundaries, and retaining control in a distributed data ecosystem?"

Your solution should address:

  • How to minimize the amount of shared data per use case or partner.
  • How to prevent misuse or abuse of data post-sharing.
  • How to define and enforce boundaries on data usage and retention.
  • How to monitor, log, and audit access to shared data.
  • How to enable meaningful user control and consent management.
  • How to stay compliant with regulations like GDPR, India’s DPDP Act, and more.

This challenge goes beyond secure APIs or encryption—it’s about building a trust framework that governs the entire lifecycle of user data, even outside your platform.

Problem Scope:

You may focus on one or more of the following areas:

  • Privacy-by-design architecture for cross-platform data sharing.
  • Techniques like tokenization, data masking, zero-trust access, or differential privacy.
  • Real-time monitoring systems for unusual data access or leaks.
  • Smart contracts or enforceable data usage policies embedded with the data.
  • User-facing tools for consent management, access logs, and data visibility.
  • Accountability mechanisms and compliance-ready reporting tools.

Expected Outcomes:

  • A working prototype, framework, or proof-of-concept demonstrating secure and privacy-respecting data sharing.
  • Use of anonymized or synthetic data for demonstrating system functionality.
  • A detailed explanation of:
    • Technologies and techniques used
    • How misuse is detected or prevented
    • How user rights and compliance are supported
    • Integration into real-world fintech ecosystems

Considerations:

  • Your solution should be scalable, interoperable with multiple APIs and fintech partners.
  • Design with usability in mind, even for non-technical end users.
  • Account for data residency, cross-border laws, and varying data sensitivity levels.
  • Aim to minimize data exposure while maximizing transparency and accountability.

Prizes

Main Prizes
First Prize
INR 500000
Second Prize
INR 300000
Third Prize
INR 200000
Special Prizes
Special Prize (2)
INR 50000
starts on:
May 26, 2025, 08:25 AM UTC (UTC)
closes on:
Jun 08, 2025, 06:25 PM UTC (UTC)
REGISTER NOW

Social Share

Help & Support

Please contact event admin
Canara Bank at csw@canarabank.com
Notifications
Mark All as Read
View All Notifications

?