Security

At Ozone API security is our top priority. It has been embedded into our culture, our development process, and our technology from day one.  

Ensuring trust

Trust and security is at the heart of open banking, and our technology plays a key part. We adopt a transparent approach with our customers to earn that trust, and back it up with industry-standards and external attestation.

Measures:

Encrypt

Industry leading encryption technology is used across all our systems to protect data in transit, at rest and in-use.

Minimisation

We only store what is necessary, and securely delete it as soon as it’s no longer needed. Sensitive data is redacted from our logs and never stored. 

Governance

Our management systems build ‘secure-by-default’ practices into everything we do. All of our team are trained and background checked.

Operations

From design to deployment we continuously scan and test our production environments for threats. Our cloud environment is monitored 24/7 for issues.

Certificates

IASME Cyber Essentials
ISO/IEC 27001:2022

Responsible
disclosure

If you believe you have discovered a potential security issue in one of our products, we encourage you to disclose it to us privately at security@ozoneapi.com

While we greatly appreciate reports regarding security vulnerabilities, at this time we do not offer monetary compensation for reports.