Security at the heart of our approach as a software provider

Infrastructure Security

  • Service providers not subject to the Cloud Act, infrastructures hosted exclusively in the European Union
  • Backups in accordance with the rules of the art
  • Replication on remote sites
  • BCP Business Continuity Plan and DRP Disaster Recovery Plan tested annually
  • Regular vulnerability scans
  • Intrusion tests performed by an independent service provider

Solution Security

  • Access authentication
  • Physical and logical data security
  • Code security: OWASP top 10

Regularity compliance

  • ACPR approval as an Account Information Service Provider (AISP), which is essential for connecting to end-customer banking data in full compliance
  • Registered with the ORIAS 16001728, CIF member of the CNCEF PATRIMOINE

Security of our organization

  • CISO, RCCI and DPO, reporting to the General Management
  • Supervisory body: Risk Committee
  • Recognized as PECI (Critical or Important Essential Service Provider) by major clients