Security and privacy are foundational to our platform, given the sensitive nature of financial and customer data we handle. Here is an overview of how we maintain technical security:
Strong Encryption
- We employ industry-standard encryption protocols and hashing algorithms to safeguard data at rest and in transit, ensuring that sensitive information remains inaccessible to unauthorized access or interception.
- Advanced cryptographic methods and protocols are utilized, such as SSL/TLS, for secure communications, and AES for data encryption, enhancing the confidentiality, integrity, and authenticity of data.
Robust Authentication
- Authentication is a multistep process initiated by the user generating a key pair, registering IP addresses, receiving, signing, and verifying unique tickets, which leads to the generation of time-limited tokens that grant authorized access.
- Once authenticated, API users receive uniquely signed tokens, enabling them to make secure requests to the R360 API. These tokens have a validity period of 60 minutes.
- Robust procedures are in place for managing keys and tokens, ensuring immediate invalidation in any instance of compromised trust or keys.
Data Retention and Deletion
- Adherence to strict data retention policies is in place, in compliance with legal and regulatory requirements, ensuring the integrity of transaction history and the prevention of unauthorized data manipulation or erasure. Deletion and backdated operations are prohibited.
- Secure and compliant deletion methods are employed once data retention periods have expired (usually, after 5 years, depending on the country of operation).
Incident Response and Data Breach Management
- A proactive incident response plan and data breach management procedures are established, ensuring preparedness to respond promptly and effectively to any security incidents.
- We prioritize operational resilience and continuously enhance our systems to protect customer data and maintain uninterrupted service delivery.
Disaster Recovery and Business Continuity
- Regular data backups are stored in two independent data centres in London region, ensuring data resilience and minimizing the risk of data loss.
- Recovery procedures are in place to swiftly restore services and minimize downtime in the event of a disaster or system failure.
Our commitment to maintaining the highest standards of information security not only protects sensitive information but also builds trust with our clients and strengthens our reputation in the market. We continuously monitor and update our security practices to address evolving threats and ensure the resilience and reliability of our money transfer platform.
Our team is open to discuss the possibility of establishing additional security controls aligned with your financial institution’s policies and local regulations.
For more details, contact our technical team.