Infrastructure Security
- Service providers not subject to the Cloud Act, infrastructures hosted exclusively in the European Union
- Backups in accordance with the rules of the art
- Replication on remote sites
- BCP Business Continuity Plan and DRP Disaster Recovery Plan tested annually
- Regular vulnerability scans
- Intrusion tests performed by an independent service provider
Solution Security
- Access authentication
- Physical and logical data security
- Code security: OWASP top 10
Regularity compliance
- ACPR approval as an Account Information Service Provider (AISP), which is essential for connecting to end-customer banking data in full compliance
- Registered with the ORIAS 16001728, CIF member of the CNCEF PATRIMOINE
Security of our organization
- CISO, RCCI and DPO, reporting to the General Management
- Supervisory body: Risk Committee
- Recognized as PECI (Critical or Important Essential Service Provider) by major clients