Data Encryption and Security
One of the keys to data protection is accounting for the possible states in which your data may occur, and what controls are available for that state:
- Data in transit. When data is being transferred between components, locations or programs, such as over the network, across a service bus, or during an input/output process, it is considered to be in transit.
- Data at rest. This includes all information storage objects, containers, and types that exist statically on physical media, be it magnetic or optical disk.
Data in transit is encrypted using the industry-standard TLS protocol, version 1.2 at minimum.
Data at rest is encrypted using the AES-256 encryption algorithm.
To establish identity and trust between the web-based FintechOS Platform and the web browser, the connection is secured via SSL certificates.
The SSL-secured communication between FintechOS Platform and the client is done using the symmetric encryption keys that are established during the authentication process.
The data model and all scripts defined within FintechOS Platform can be exposed through REST APIs to enable integration with 3rd party systems / solutions. FintechOS Platform APIs are secured through OAuth 2.0 and follow the OWASP security standards.
You can encrypt the data at rest using security best practices provided by the infrastructure provider of choice where you install and deploy FintechOS Platform (Microsoft Azure, AWS, IBM Cloud, other).
XSS Prevention
To prevent Cross-Site Scripting (XSS) and keep users safe, all user input data is sanitized by default, except for the following attributes: JavaScript, HTML and XML.
The XSS prevention secures your web apps by escaping user input of type JavaScript, HTML and XML. It censors the data received by the web pages so that the following characters are not rendered: "<", "</", ">", "<" and ">" (e.g., <text, </text, <text or >text).
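The escaping described above, as an added example (not FintechOS Platform code; the function names are hypothetical): output encoding for an HTML text or quoted-attribute context, plus a helper that reports which of the listed sequences occur in a value. Reporting the entity-encoded forms "&lt;" and "&gt;" as well is an assumption of the example.

```javascript
// Added example, not FintechOS Platform code. Function names are hypothetical.

// Characters that change meaning in HTML text and quoted attribute values.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode for an HTML text node or quoted attribute. "&" is replaced in the
// same single pass as the other characters, so input that already contains
// "&lt;" comes out as "&amp;lt;" and is displayed literally, not as "<".
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Report which of the sequences named in the text ("<", "</", ">") occur in
// a value, raw or entity-encoded (assumption). Useful for logging what was
// neutralized before rendering.
function findMarkupSequences(value) {
  const s = String(value);
  const found = [];
  if (/<\/|&lt;\//i.test(s)) found.push("</");
  if (/<(?!\/)|&lt;(?!\/)/i.test(s)) found.push("<");
  if (/>|&gt;/i.test(s)) found.push(">");
  return found;
}

// Constructed sample inputs.
const samples = ["<text", "</text", "text>", "&lt;text", "plain text"];
for (const s of samples) {
  console.log(
    JSON.stringify(s), "->", JSON.stringify(escapeHtml(s)),
    "sequences:", findMarkupSequences(s)
  );
}
```

This encoding is only correct for HTML text and quoted attribute values; values placed inside script blocks, URLs or CSS need the encoding for that context.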