Data Security

All document scans are processed and transferred under strict, GDPR compliant, safety policies.

Data Flow

1. The end-user sends the document scan to the FintechOS application server over secure communication channels (HTTPS encrypted messages, including the HTTP headers and request/response data).
2. The application server sends the document to the FintechOS cloud service via the Azure API Management gateway, also using HTTPS. The API Management gateway ensures secure communication and provides identity and access management to the FintechOS cloud service.
3. The document arrives at the FintechOS cloud service (hosted on a private load balanced cluster of virtual machines in the Azure cloud). The virtual machines are managed by FintechOS and can be accessed only using the API Management services (no Internet access is allowed to any virtual machine or load balanced cluster).
4. The FintechOS cloud service processes the document (each ID card field is delimited) and forwards each field for text recognition to the OCR service (also hosted on the Azure cloud).
5. The OCR service returns the field values to the FintechOS cloud service, which sends the information back to the FintechOS application via the API Management gateway.

No data is stored in cloud. All processed information is immediately deleted.

Location

The API Management gateway, the FintechOS cloud service (load balancer and virtual machines), and the OCR services are provisioned using the Microsoft Azure cloud service in the Western Europe data center (Amsterdam, Netherlands), with fail-over backup services on the Northern Europe data center (Dublin, Ireland). No data leaves the European Union in transit or at rest.

Based on customer requirements, similar services may be provisioned in the future in other regions.

Compliance

For cloud services compliance information, see:

• Overview of Microsoft Azure compliance
• Microsoft Services Trust Portal
• ABBYY Cloud SDK security overview