Skip to content

As part of its digitalisation strategy, Luzerner Kantonalbank (LUKB), working with ti&m, has launched its „Crowders“ crowdvoting platform. Read more about this innovative project, which turns the crowd into investment advisors, and find out why LUKB is looking to a high-end web application firewall to protect the platform.

Crowders is based on the principle of collective intelligence – the shared knowledge, the feeling and the experience of the many can replace the expertise of a few experts. This concept is put to use in Crowders for forecasting of the way in which share prices will develop. An Internet community, open to all interested parties, forecasts future prices of shares in the Swiss Leader Index (SLI). The users – called ‚Crowders‘ – are able to record a positive, negative or neutral assessment for each of the 30 separate shares in the SLI. The crowd’s performance is compared with actual market developments each month. In addition, users can compare their own judgements with the rest of the crowed and the market. The Luzerner Kantonalbank’s LUKB Crowders TopSwiss fund is its investment fund offering that incorporates the crowders‘ classifications into its weighting of the SLI shares in the fund. An attractive reward for the best forecast is offered each month to motivate the crowd to share its opinions.

LUKB at the leading edge of digitalisation

LUKB has developed the platform in close collaboration with the digitalisation specialist ti&m in just four months. For LUKB, Crowders is a further building block in its digitalisation strategy in the implementation of which it is being intensively supported by ti&m.

The highest security standards are a must for LUKB

The banking world is digitising feverishly. Information security is of major importance here. It is not only e-banking, but also business applications or web services which process confidential transaction data, which need comprehensive protection. Even web applications which are not critical to the business, or those which do not process sensitive data, make serious demands on reliable protection against attacks. LUKB and its partner ti&m are well aware of this.

This is why it is absolutely necessary for LUKB, being a security-sensitive company in the finance sector, that even a ‘simple’ website or a web application needs to be protected by a Web Application Firewall (WAF). The main reasons for, along with the numerous other reasons for a Web Application Firewall, are the following:

  • Gateway for other attacks: inadequately protected websites are gateways for smart hackers, allowing them to take control step-by-step and to penetrate other IT systems – in the worst case this may continue unnoticed and over a lengthy period. The entire security infrastructure of the web application landscape is considerably strengthened by the deployment of a Web Application Firewall, as certain types of attack are prevented.
  • Protection against damage to reputation: a website is a signboard and business card for a company. Integrity, i.e. the correctness of the information on a company website, is a sine qua non. An inadequately protected website can be disfigured by defacement, diverted to other purposes, or in the worst case, exploited for distributing malware. What is more, after modifying the website, an intruder could block access to the genuine operators of the website so that they are not able to correct the content as soon as possible. Reputation damage is the consequence. A Web Application Firewall provides reliable protection against defacement, and hence reputation loss.

LUKB sets its store by USP’s Web Application Firewall at

LUKB has protected its crowdvoting platform with a USP Secure Entry Server®. United Security Providers‘ Web Application Firewall has proved its worth all around the world and, thanks to leading edge protection mechanisms, ensures the availability of the Crowders platform and offers confidentiality and integrity of the data and transactions throughout.

The United Security Providers Web Application Firewall covers the full range of OWASP’s top ten web application security vulnerabilities. Whitelisting and blacklisting, rewriting, input validation, form protection and forceful browsing protection are used to monitor data flow alongside classical request screening by means of http filtering. Generic mechanisms reliably prevent popular attacks such as injection, cross-site scripting and cross-site request forgery. Session protection and session management prevent other users‘ sessions being hi-jacked. Https enforcement, SSL offloading, URL encryption complete the functionality of the state-of-the-art web application firewall. Availability of the platform for legitimate users can also be ensured should the system be attacked thanks to a multiplicity of DDoS protection mechanisms.