Plataforma de banca de empresas
Equípese con tecnología preparada para el futuro para crear y lanzar productos bancarios para empresas totalmente personalizables y prestar servicios financieros excepcionales a empresas y PYME.
How we accomplish it
Penetration tests
We conduct ongoing internal security assessments, which are further reinforced by multiple external penetration tests each year performed by security researchers. These penetration tests address network security and common web application vulnerabilities to ensure our system complies with data security standards.
Incident response
We provide comprehensive SLA support for our software, ensuring reliable performance, timely issue resolution, and continuous updates to meet your business needs.
Data security
We employ principles such as defense-in-depth, need-to-know, and least-privilege to mitigate the risk of security incidents from internal and external threats. We utilize a range of preventive, detective, and mitigative controls to ensure robust protection.
Transparency
We prioritize transparency, offering publicly accessible APIs and data dictionaries, sharing full system documentation with clients, and welcoming external audits and penetration tests.
Security layers
Velmie viene con un sistema KYC integrado en el proceso de incorporación para permitir la verificación de la identidad del cliente de acuerdo con las políticas de su organización. El sistema presenta acceso de múltiples niveles y límites para una mayor flexibilidad en la incorporación, el monitoreo de transacciones y el cumplimiento.
Organizational Security
Velmie rigorously adheres to ISO 27001 standards, implementing comprehensive organizational security measures. These include physical and digital access management, network security, business continuity and backup practices, incident response, and third-party risk management, among others. Regular audits and risk assessments are conducted to proactively identify and mitigate potential risks to our customers' data.
Infrastructure Security
Velmie's single-tenant approach ensures superior security and data privacy compared to multi-tenant SaaS systems, where company data is not isolated. This approach allows for the customization of hosting environments to meet specific regulatory requirements. All data at Velmie is encrypted using TLS and AES-256-GCM, and audit trails track historical key data changes. The platform also incorporates a range of security mechanisms, including API protection, Identity and Access Management (IAM), JWT-based authentication, DDoS protection, and Jail safety mechanisms.
Incident Response
Velmie has established comprehensive business continuity and disaster recovery procedures to address potential disruptions. In the event of an incident, our clients receive prompt assistance as per Service Level Agreements (SLAs), with regulated response and resolution times to ensure software availability.
Software Security
Velmie prioritizes software security through regular penetration testing conducted by both in-house engineers and external security researchers to meet OWASP standards. Security is integrated into our development process, with code analyzed by static analyzers to identify potential vulnerabilities. The QA team performs mandatory security tests to verify the code, while the DevOps team employs CI/CD practices to automate testing and update delivery.