Defence in Depth
SLRP was designed with security at its core. Data is protected at multiple layers as transactions are processed through trusted cloud infrastructure. We've established strong control mechanisms to make sure data is kept safe across all components of SLRP.
Participants within SLRP are vetted through established banking practices. KYC and AMLA processes are in place to ensure users are identities are established prior to using the system.
Data in Transit
We made doubly sure that data is secured as it makes its way through the Internet. SLRP uses a variety of mechanisms to protect communications between banks, merchants and end-users. SLRP encrypts data across all transactions from device, applications and databases.
Data at Rest
Data within SLRP is secured even when not in use. The system encrypts data as it is stored within SLRP while private data is masked when extracted.
SLRP uses Point-of-Sale (PoS) and Automated Teller Machine (ATM) mechanisms to secure its terminals. Each mobile phone is protected by a unique device identifier, tamper resistant screen locks as well as user credential checks to validate all users of the system.
The same technologies that safeguard ATM credentials are also employed by SLRP. SLRP uses Hardware Security Modules (HSMs) to manage encryption keys for safe storage and processing of data.
Governance, Risk and Control
SLRP inherits its management features from our Core Banking Application Suite™ (CBAS) solution. Banking best practices are baked into the system for better operational control, audit and transaction validation.