Return to blog

Guarding the Front Door: How Mukul Shishodiya and His Team Secure SoFi’s Member Experience



By   |   June 2, 2026  |   Engineering   |  

When you visit SoFi.com or open the app and tap "Login," you’re interacting with the digital front door of your financial life. For most, it’s a three-second ritual. For Mukul Shishodiya, Senior Manager of Software Engineering, it is the culmination of 15 years of expertise in authentication and a non-stop mission to stay one step ahead of the world’s most sophisticated bad actors.

Leading a team of ten engineers, Mukul is responsible for the critical infrastructure that handles every single SoFi member login. We sat down with Mukul to discuss the unique challenges of fintech security, why he spends his free time on Reddit, and how his team balances ironclad security with a seamless member experience.

The Stakes of the "Login"

In the world of B2B software, a login delay might be a nuisance. In fintech, it’s an emergency.

"Everyone wants access to their money," Mukul explains. "Imagine a scenario where login is down for a couple of hours and you can’t access your funds. That’s why our team is so impactful: we have to ensure the system is stable and accessible 24/7."

Since joining SoFi four years ago, Mukul has grown the team from three engineers to ten, shifting the focus from mere "maintenance" to proactive innovation. His team doesn’t just build a gate; they build a system that recognizes the person holding the key.

"Fintech is different because it’s consumer-focused. We aren't just dealing with code; we're dealing with people's livelihoods. We have to be one step ahead of fraudsters who are constantly enhancing their skills with AI."

Member-Obsessed Engineering: From Reddit to Production

While many engineering leaders rely solely on internal roadmaps, Mukul and his Product Managers have a different secret weapon: Reddit.

"The cool thing about my team is that whenever we launch something, there’s a buzz on Reddit within one or two hours," Mukul says. "We monitor those channels closely to see what our customers are actually asking for."

This crowdsourced strategy has led to tangible features that members use every day:

  • Google Authenticator: A year and a half ago, the team introduced support for authenticator apps as a more secure alternative to SMS-based 2FA—directly answering member feedback.
  • In-App Notification: To combat phone scammers pretending to be SoFi employees, the team launched a feature that displays a notification within the app to confirm that an official SoFi representative is actually calling.

Beyond the Code: Educating the Member

Mukul believes that security is a partnership between the platform and the member. His team’s charter has expanded to include member education, using the login flow to teach safer habits.

"If you log in from a new device, you’ll immediately get an email," says Mukul. "That’s an education piece. It helps prevent account takeovers. We want to empower our members to understand how to keep their accounts safe, like moving away from weaker options like email or SMS toward more robust 2FA."

Why SoFi?

With 15 years in the domain, Mukul has seen every side of the security world. What keeps him at SoFi is the agility and the lack of red tape that often stifles big tech.

"In bigger companies, it’s very process-oriented. It’s hard to get buy-in. At SoFi, I can see something on Reddit, share it with my leadership, and we make it happen. We value our members' experience enough to be flexible, but we never compromise on the security side. It’s a thin line, but it’s what we do best."

Mukul’s Pro-Tip for Members

"A lot of people think phone OTP (SMS) is enough, but fraudsters are clever, they use things like SIM swapping to intercept codes. If you have the option, always use an authenticator app or a Passkey for the highest level of security so you’re not vulnerable to interception attacks!"

 

Engineering

All your finances.
All in one app.

SoFi QR code, Download now, scan this with your phone’s camera

App Store rating


Haley Reynolds

    CATEGORIES

    SoFi Daily

    Stay up to date on the latest business news and stock market happenings.

    Learn more

    Important: Bitcoin and other cryptocurrencies aren’t endorsed or guaranteed by any government, are volatile and involve a high degree of risk.

    Investment Products:
    ARE NOT FDIC INSURED • ARE NOT BANK GUARANTEED • MAY LOSE VALUE

    Broker Check

    Rule 606 Order Routing

    Statement of Financial Condition

    SoFi Money: SoFi Money® is a cash management account, which is a brokerage product, offered by SoFi Securities LLC. Member FINRA/SIPC. Neither SoFi nor its affiliates are a bank.

    The SoFi Money® World Debit Mastercard® is issued by The Bancorp Bank pursuant to license by Mastercard International Incorporated and can be used everywhere Mastercard is accepted. Mastercard is a registered trademark, and the circles design is a trademark of Mastercard International Incorporated. The Bancorp Bank is the issuer of the SoFi Money® World Debit Mastercard® only and is not responsible for other products, services or other offerings through SoFi.

    SoFi Invest:

    SoFi Invest refers to the three investment and trading platforms operated by Social Finance, Inc. and its affiliates (described below). Individual customer accounts may be subject to the terms applicable to one or more of the platforms below.

    1)Automated Investing and advisory services are provided by SoFi Wealth LLC, an SEC-Registered Investment Adviser (“Sofi Wealth“). Brokerage services are provided to SoFi Wealth LLC by SoFi Securities LLC.

    2) Active Investing and brokerage services are provided by SoFi Securities LLC, Member FINRA/SIPC, (“Sofi Securities). Clearing and custody of all securities are provided by APEX Clearing Corporation.

    3) Cryptocurrency is offered by SoFi Digital Assets, LLC, a FinCEN registered Money Service Business. For additional disclosures related to the SoFi Invest platforms described above, including state licensure of Sofi Digital Assets, LLC, please visit legal.

    Neither the Investment Advisor Representatives of SoFi Wealth, nor the Registered Representatives of SoFi Securities are compensated for the sale of any product or service sold through any SoFi Invest platform. Information related to lending products contained herein should not be construed as an offer or pre-qualification for any loan product offered by SoFi Lending Corp and/or its affiliates.

    SoFi Relay: SoFi’s Relay tool offers users the ability to connect both in-house accounts and external accounts using Plaid, Inc’s service. When you use the service to connect an account, you authorize SoFi to obtain account information from any external accounts as set forth in SoFi’s Terms of Use. SoFi assumes no responsibility for the timeliness, accuracy, deletion, non-delivery or failure to store any user data, loss of user data, communications, or personalization settings. You shall confirm the accuracy of Plaid data through sources independent of SoFi. The credit score provided to you is a Vantage Score® based on TransUnion™ (the “Processing Agent”) data.

    SoFi Protect/Ladder: Ladder offers term policies in New York (policy form # MN-26) that are issued by Allianz Life Insurance Company of New York. Term policies are issued in all other states and DC by Fidelity Security Life Insurance Company, Kansas City, MO (policy form No. ICC17-M-1069 and M-1069). Coverage and pricing is subject to eligibility and underwriting criteria. SoFi Agency and its affiliates do not guarantee the services of any insurance company. The California license number for SoFi Agency is 0L13077 and for Ladder is OK 22568. Ladder, SoFi and SoFi Agency are separate, independent entities and are not responsible for the financial condition, business, or legal obligations of the other. Social Finance, Inc. (SoFi) and Social Finance Life Insurance Agency, LLC (SoFi Agency) do not issue, underwrite insurance or pay claims under LadderLifeTM policies. SoFi is compensated by Ladder for each customer that completes an application through the SoFi-Ladder partnership.

    SoFi offers customers the opportunity to reach Ladder Insurance Services, LLC to obtain information about estate planning documents such as wills.

    Social Finance, Inc. (“SoFi”) will be paid a marketing fee by Ladder when customers make a purchase through this SoFi Protect link.

    All services from Ladder Insurance Services, LLC are their own. Once you reach Ladder, SoFi is not involved and has no control over the products or services involved.

    The Ladder service is limited to documents and does not provide legal advice. Individual circumstances are unique and using documents provided is not a substitute for obtaining legal advice.

    LadderLife™ term life is a term life insurance policy made available through Ladder Insurance Services, LLC (Ladder) and underwritten by Fidelity Security Life Insurance Company, Kansas City, MO. Product availability and features may vary by state. Not available in New York. The California license number for Ladder is OK22568. Policy Form No. ICC17-M-1069, M-1069. Policy No. TL-146.

    NOTICE: Recent legislative changes have suspended all federal student loan payments and waived interest charges on federally held loans until 09/30/21. Please carefully consider these changes before refinancing federally held loans with SoFi, as in doing so you will no longer qualify for these changes or other future benefits applicable to federally held loans.

    Terms and Conditions Apply. SOFI RESERVES THE RIGHT TO MODIFY OR DISCONTINUE PRODUCTS AND BENEFITS AT ANY TIME WITHOUT NOTICE. To qualify, a borrower must be a U.S. citizen or other eligible status and meet SoFi’s underwriting requirements. Not all borrowers receive the lowest rate. To qualify for the lowest rate, you must have a responsible financial history and meet other conditions. If approved, your actual rate will be within the range of rates listed above and will depend on a variety of factors, including term of loan, evaluation of your creditworthiness, years of professional experience, income, and a variety of other factors. Rates and Terms are subject to change at any time without notice and are subject to state restrictions. Notice: SoFi refinance loans are private loans and do not have the same repayment options that the federal loan program offers, or may become available, such as Income Based Repayment, Income Contingent Repayment, or PAYE. Your existing student loan(s) must total a minimum of $5,000 to be eligible for refinancing. Minimum loan amount may be higher in specific states due to legal requirements. Licensed by the Department of Financial Protection and Innovation under the California Financing Law License No. 6054612. SoFi loans are originated by SoFi Lending Corp. or an affiliate, NMLS # 1121636 (www.nmlsconsumeraccess.org)

    Lantern: SoFi receives compensation in the event you obtain a loan through the Lantern marketplace. The Lantern site is owned by SoFi Lending Corp. or an affiliate, a lender licensed by the DFPI under the CFL, license number 6054612, NMLS #1121636 (www.nmlsconsumeraccess.org). Loans may not be available in all states.

    Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc., registered in the U.S. and other countries.

    Google Play and the Google Play logo are trademarks of Google Inc.

    SoFi 234 1st Street, San Francisco, CA 94105

    SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, or any other basis prohibited by applicable law. In addition to federal law requirements, SoFi complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

    Additionally, SoFi participates in the E-Verify program in certain locations, as required by law. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

    ©2026 Social Finance, Inc. All rights reserved.
    TLS 1.2 Encrypted
    Equal Housing Lender