Benjamin Howdle

Roadblock Title:

Securing a banking system’s UI and API

Time:

Tuesday - 3:00 PM (Tower B)

Abstract:

I’ll outline techniques, innovations, and implementations I developed during my time as CTO of both Letter & WorkMade over the past 6 years. This session will cover real-world security problems, protecting funds, and hiding sensitive system details from potential attacks.

I will focus on:

1. How to mask database IDs so they’re never exposed in API responses.
2. How to design a secure backend system to optimize for audit trails and security.
3. How to avoid the pitfalls of fundamental security design.

The session will also dive deeper into an RPC and RBAC system we implemented at Letter to ensure authorization was baked into every request the system hand

Bio:

Having worn multiple hats in early-stage startups as a founder, contributor, and collaborator with larger organizations, Ben has spent the last decade contributing to the growth of fintech companies worldwide. He is currently working on the new Commerce team at Clerk.