Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan discusses using Aitu as a protected communications channel between non-bank financial firms and consumers

The Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan has opened discussions with market participants on an initiative to use the domestic Aitu platform as an additional protected channel for interactions between non-bank financial organisations and financial services consumers, amid rising fraud and a need to strengthen information security and personal data protection. The initiative is also positioned as a way to standardise communications channels between financial institutions and consumers. The Agency points to Aitu’s technical architecture, including the physical location of servers and data within Kazakhstan’s protected perimeter, which it says mitigates risks of financial traffic interception and cross-border dissemination of personal data. It also highlights end-to-end encryption with access keys stored only on users’ devices, and the Aitu Passport system, which combines mandatory biometric identification and a cloud-based electronic digital signature to verify senders and recipients in a legally meaningful way, reducing phishing and impersonation risks. Open API interfaces and business-account tools are intended to allow even small financial organisations to integrate with the national infrastructure or use the service at low cost. The initiative to use Aitu in the financial market will be further worked through, taking into account the messenger’s capabilities and the interests of market participants.