Security

Bank-grade security. Enterprise-grade compliance.

Lynqx is built from the ground up to meet the security standards that banking infrastructure demands. SOC 2 Type II, AES-256 encryption, and full audit trails — not as an add-on, but as the foundation.

Request security documentation
SOC 2 Type II
ISO 27001
PCI DSS Ready
GDPR Compliant
RBI Guidelines
FCA Registered
MAS Aligned
DPDP Act (India)
AES-256 encryption

All data encrypted at rest and in transit using AES-256-GCM. TLS 1.3 enforced on all API connections. No plaintext credentials ever stored.

Zero-knowledge key management

API credentials are hashed using bcrypt. Lynqx never stores your bank credentials in plaintext. Keys are scoped, rotatable, and revocable per entity.

SOC 2 Type II certified

Independently audited by a Big 4 firm annually. Covers security, availability, processing integrity, confidentiality, and privacy. Report available under NDA.

Full audit trail

Every API call, configuration change, and user action is immutably logged with timestamp, user identity, IP, and request payload. Exportable for compliance.

Role-based access control

Granular permissions per user, per entity, per API scope. MFA enforced on all console access. SSO via SAML 2.0 and OIDC available on Enterprise.

Network isolation

All infrastructure runs in isolated VPCs with no public database exposure. Private Link available for Enterprise. IP allowlisting supported on all plans.

Penetration testing

Quarterly penetration tests by independent security firms. Results shared with Enterprise customers. Responsible disclosure programme active.

Data residency

Choose your data region: India, Singapore, UAE, EU, or US. All financial data stays within your chosen region. No cross-border transfer without explicit consent.

Incident response

Defined SLA for security incidents: P0 acknowledged in 15 minutes, P1 in 1 hour. Customer notification within 24 hours of any breach. Post-mortems published.

Compliance by region

Built for regulated markets.

Banking infrastructure in emerging markets means navigating a patchwork of regulations. Lynqx maintains active compliance programmes in every market we operate in.

Request compliance documentation
🇮🇳
India
RBI Payment Systems, DPDP Act, NPCI Guidelines, FEMA compliance
🇸🇬
Singapore
MAS Notice PSN01, PDPA, Technology Risk Guidelines
🇦🇪
UAE
CBUAE Regulations, ADGM/DIFC frameworks
🇬🇧
United Kingdom
FCA authorisation, PSD2 compliance, UK GDPR
🇪🇺
European Union
PSD2, GDPR, DORA readiness

Need our security documentation?

SOC 2 report, penetration test results, DPA, and compliance docs available under NDA for enterprise evaluations.

Request documentation Responsible disclosure