Financial-grade security. By design.
Security is not a feature we bolted on - it is the foundation of every architectural decision. From HMAC-hashed identifiers to WORM audit logs, we protect Africa's financial data at every layer.
How we protect your data
Encryption
TLS 1.3 in transit, AES-256 at rest. National IDs are HMAC-SHA256 hashed with a 64-character key and never stored in cleartext.
SOC 2 Type II
Annual third-party audits covering security, availability, processing integrity, and confidentiality controls.
WORM Audit Logs
Every API call, consent event, and state change is written to immutable MinIO WORM storage for non-repudiation.
Ghana DPA 2012
Full compliance with Ghana Data Protection Act. Scoped consent, data minimization, and tamper-evident audit trails.
OAuth 2.0 + HMAC
Client-credentials bearer tokens via Ory Hydra. HMAC-authenticated API keys with sandbox/production separation.
Biometric Security
FaceNet/InsightFace for production-grade face matching. Liveness detection prevents photo and video spoofing attacks.
Fraud Monitoring
SecureFlow rules engine evaluates every transaction in <350ms P99. OminiShield GNN detects coordinated fraud rings.
Incident Response
24/7 on-call engineering with <15 minute response SLA for P1 incidents. Transparent status page with RCA publication.
Responsible Disclosure
Found a vulnerability? We appreciate responsible disclosure. Please report security issues to our security team.
security@ominihub.com