Security
Security is built into our website, dashboard, and wallet services from the ground up. Our infrastructure, access controls, encryption standards, monitoring, and recovery processes are designed to protect customer data, transactions, and service availability.
Enterprise Cloud Security
Our platform runs on a secure AWS environment designed for confidentiality, integrity, and availability of customer data.
Strict Access Control
Least-privilege permissions, privileged access management, fine-grained IAM controls, and multi-factor authentication help protect platform and wallet access.
Encryption by Default
Sensitive platform and wallet data is encrypted in transit, at processing, and at rest using strong industry-standard controls.
Continuous Monitoring
Threat detection, audit logging, infrastructure monitoring, alarms, and incident analysis help us identify and respond to suspicious activity quickly.
Resilience & Recovery
Multi-zone hosting, nightly backups, point-in-time restore, and disaster recovery planning support business continuity.
Compliance-Aligned Operations
Our hosting and operations are aligned to recognised security and quality standards with audit and governance controls.
Secure Infrastructure & Platform Architecture
Our platform is hosted in a secure AWS environment built for corporate client implementations. Environments are separated at AWS account level to support physical and logical separation of resources, with repeatable infrastructure deployments and managed cloud services where appropriate.
Environment Separation
AWS Organizations and structured account separation help isolate environments and reduce unnecessary exposure across workloads.
High Availability Design
Wallet services are hosted across multiple AWS availability zones to reduce single points of failure and support resilient operations.
Access Control & Identity Protection
Access to infrastructure and sensitive systems is controlled through least-privilege policies, fine-grained permissions, privileged access management, and role-based controls. Multi-factor authentication is used as a standard for portal and API access.
- • Principle of least privilege
- • Fine-grained IAM policies and permissions
- • Multi-factor authentication for account access
- • Dual-authentication controls on sensitive environments
- • Immutable access logging
- • Restricted technical access to core systems
These controls are designed to ensure that only authorised users and authorised processes can access the specific services and data required for their role.
Data Protection & Encryption
Customer and wallet data is protected using strong encryption controls. Database instances are encrypted using industry-standard encryption, and sensitive data is additionally protected with managed keys and secure handling practices.
At Rest
Encrypted database storage, including encrypted RDS instances and protected backups.
In Transit
Data and payment-related traffic are transmitted using encrypted channels and secure protocols.
At Processing
Sensitive systems are protected during processing with secure controls aligned to compliance requirements.
We also apply masked handling for sensitive payment input fields and do not expose card information in unencrypted form.
Monitoring, Detection & Incident Response
Our environments are monitored using AWS-native observability and audit services to support governance, anomaly detection, operational health, performance monitoring, troubleshooting, and incident investigation.
Monitoring Stack
- • AWS GuardDuty for threat detection
- • AWS CloudTrail for governance and audit trails
- • AWS CloudWatch for alarms, logs, and operational visibility
- • AWS X-Ray for performance tracing and troubleshooting
Response Process
Security events are investigated through a formal incident process covering identification, severity classification, containment, eradication, recovery, and root cause review.
Backup, Recovery & Business Continuity
Our wallet and platform operations are supported by disaster recovery and continuity controls designed to minimise downtime and limit data loss in the event of an incident.
- • Full nightly backups retained for 35 days
- • Point-in-time restore backups every 5 minutes
- • Blue/Green deployment process across environments
- • Failback procedures and operational restore planning
- • Automatic minor version updates for integrity and protection
- • Scheduled maintenance windows for controlled updates
Standards, Audits & Secure Operations
Our security posture is supported by recognised security and quality standards, independent audits, and secure cloud operating practices.
- • ISO 27001-aligned security management references
- • ISO 9001 quality management references
- • PCI DSS-aligned hosting and encryption controls
- • Independent audit and compliance review references
- • Ongoing risk assessment and security improvement
- • Secure deployment lifecycle and managed cloud controls
Security is not a one-time feature. It is part of our operational model, with continuous review, monitoring, controlled deployments, and ongoing improvements to strengthen website, dashboard, and wallet protection.