Security and Transparency

Security and transparency

The architecture and infrastructure of our platform have been designed to offer users high standards of data protection while, at the same time, being programmed to be fast, scalable, and flexible, utilizing the best cloud technologies.

Infrastructure

Our IaaS utilizes a purpose-built, end-to-end, multi-layered security model. All servers are future-proof and regularly undergo independent third-party assessments.

Servers located in the European Union and GDPR compliant
Balancer with Linux Nginx dynamic server instances
MySQL engine with automatic daily backups
Mirroring system to ensure continuity to the system
Automatic monitoring of infrastructure and loads on API
Network security protocols (SSL OV, DNSSEC, DMARC)
256 Bit encryption and warranty up to € 250.000
Machine Learning instance for data analysis
EU Cloud Code of Conduct (CoC) compliant
ISAE 3000 Type 2 Report (FINMA) compliant
ISO/IEC 27001 (ISMS) compliant
SWIPO - Data Portability Code of Conduct
ESMA - Cloud Outsourcing Guidelines
ISO-50001 - Energy Management
EBA - Cloud Outsourcing Guidelines

EBA Outsourcing Guidelines

Provide specific guidance on the relationship between financial institutions and their service providers. In particular, the guidelines specify a set of aspects that should be included in the contract between the financial institution and their service provider, including requirements on sub-outsourcing, security, access, information and audit rights, and termination rights.

https://cloud.google.com/security/compliance/eba-eu

ESMA Cloud Outsourcing Guidelines

Assist regulated entities identify, address and monitor the risks that may arise from cloud outsourcing arrangements. The ESMA cloud outsourcing guidelines provide specific guidance on: key contractual elements, information security, exit strategies, access and audit rights and sub-outsourcing.

https://cloud.google.com/security/compliance/esma-eu

EU Cloud Code of Conduct

The EU Cloud Code of Conduct (CoC) was designed to contribute to an environment of trust and transparency in the European cloud computing market and to simplify the risk assessment process of Cloud Service Providers (CSPs) for cloud customers. The CoC was developed by Scope Europe, an independent third party association, in collaboration with several industry players.Adherence to an approved code of conduct, as described in GDPR Article 40, can be used to help demonstrate that sufficient guarantees have been made to implement appropriate technical and organizational measures as a data processor under the GDPR.

https://cloud.google.com/security/compliance/eu-cloud-code-of-conduct

Google Cloud Platform

Google is carbon neutral today, but aiming higher: our goal is to run on carbon-free energy, 24/7, at all of our data centers by 2030. Plus, we’re sharing technology, methods, and funding to enable organizations around the world to transition to more carbon-free and sustainable systems.

https://cloud.google.com/sustainability

EU Cloud Code of Conduct (CoC) Level 2 Verification

Architecture

The IT system is born with the best modern technologies without the use of frameworks to ensure maximum execution speed and to keep the sources lean and argued.

Front-end code with HTML5, CSS3 and Javascript
High performance PHP 7-8 optimized backend code
empty label
Oracle and ORM world database
The code uses dedicated algorithms with highly confidential internal protocols with active encryption systems and private network setup dedicated to the most delicate processes.
The post-login system supports 2FA authentication, transactional emails, data verification, fraud detection systems, and a proprietary management system for data monitoring.

RaaS (Rating as a Service)

All systems communicate with a central API that sorts requests and assembles data from different sources and internal batch analysis procedures. An artificial intelligence of ML (Machine Learning) analyzes the data in possession.