Welcome to SurakshaVault, a privacy-first data-sharing framework built to transform how fintechs handle, share, and govern sensitive user information. Designed by Team Codeblooded for Canara Bank Hackathon Suraksha 2025, SurakshaVault turns compliance and transparency into a competitive edge.
- 🎯 Introduction
- 🚨 Problem Statement
- 💡 Solution
- ✨ Key Features
- 📸 Screenshots
- 🛠️ Technology Stack
- 👥 Team Members
- 🚀 Future Enhancements
- ⚙️ Installation
- 📖 Usage
- 🤝 Contributing
SurakshaVault introduces a Trust-as-a-Service model for responsible data sharing across fintech ecosystems. In an era where data is vulnerable the moment it leaves your platform, our system ensures control, compliance, and clarity travel with the data—wherever it goes.
Fintechs face a growing challenge:
- Data Vulnerability: Sensitive data is frequently shared (banking, PII, income, behavioral data)
- Limited Control: APIs provide little post-sharing control or visibility
- User Concerns: Users fear data misuse, fraud, and unauthorized access
- Regulatory Pressure: GDPR, India's DPDP demands privacy-by-design, consent enforcement, and auditability
- Expanded Attack Surface: Integrations with third parties (Open Banking) increase security risks
SurakshaVault offers a comprehensive data governance solution:
- 🔒 Granular, pseudonymized data sharing via encrypted tokens
- 🤖 AI-driven fraud detection and behavior validation
- ⛓️ Immutable blockchain audit trails
- 📊 User dashboards for complete visibility and consent management
- 📋 Regulation-ready compliance engine for GDPR and DPDP Act
Our mission is to make data "smart"—self-governing, purpose-bound, and auditable beyond platform boundaries.
- Data is tokenized and decrypted only on verified clients
- Purpose-limited access that auto-expires
- Useless if APIs are leaked—no raw PII shared
- Lifecycle-based consent management (grant, revoke, auto-expiry)
- Full support for "Right to be Forgotten"
- Least privilege sharing by default
- Local fraud detection using IP, geo, and behavior patterns
- Smart access validation using AI before data is delivered
- Blockchain-powered audit logs
- Real-time user access logs & consent history
- Admin command center for full visibility
- 3-tier access model: Admin, Partner, User
- Verified onboarding (CIN/DIN based)
- Frontend-only decryption in zero-trust architecture (Pseudonymization)
User interface showing active consents, revoke button, and access history
Admin dashboard for verifying partners and monitoring requests
Encrypted token generation and frontend-only data decryption
Note: Screenshots can be added by uploading images into the
assets/directory and linking them here.
| Component | Technology |
|---|---|
| Frontend Decryption | AES-256 + JWT |
| AI Engine | Scikit-learn / TensorFlow.js (local) |
| Blockchain Logging | HardHat / Solidity-based chain |
| Backend Services | Spring MVC & Spring Boot |
| Infrastructure | Docker, Cron Jobs, AWS (scalable) |
| Compliance Engine | Custom APIs for consent & data deletion |
| Database | Firebase / PostgreSQL (flexible) |
Built with passion by Team Codeblooded:
- Anmol Upadhyay
- Harshita Yadav
- Ishan Bagra
- Jai Taneja
- Sahil Agarwal
- Cross-border data sharing with jurisdictional rules
- Partner scoring & automated reputation system
- Enhanced fraud prediction using ML ensemble models
- Public blockchain logging integration
- UI analytics to improve consent interaction design
- Multi-language support for global compliance
- Advanced encryption with quantum-resistant algorithms
- Java 17 (or Higher)
- Maven 3.6+ (or Gradle 7+)
- Git
-
Clone the repository:
git clone https://github.com/your-org/SurakshaVault.git
-
Navigate into the project:
cd SurakshaVault -
Configure the project
cp src/main/resources/application.properties.example src/main/resources/application.properties
-
Build The Project
mvn clean install
-
Run The Application:
mvn spring-boot:run
-
Access the application:
- Open your browser and navigate to
http://localhost:8080
- Open your browser and navigate to
-
Access the application at
http://localhost:8080 -
Use mock credentials for different user roles:
- Admin: Full system access and partner verification
- Partner: API access for data requests
- User: Consent management and audit viewing
-
Test core functionalities:
- User Dashboard: Manage consent and view audit logs
- Admin Panel: Verify partners and monitor system activity
- Partner Portal: Request tokenized data access
We welcome contributions! Please see our Contributing Guidelines for details.
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
If you encounter any issues or have questions:
- 📧 Email: [email protected]
- 🐛 Issues: GitHub Issues
- 📖 Documentation: Wiki
Empowering secure data sharing in the fintech ecosystem