BASIS ID at the forefront of the Data Protection & Due Diligence Compliance
BASIS ID KYC service has been initially designed to satisfy various legal requirements and guidelines. We have thoroughly studied the AML/CTF legislation to provide a worldwide compatible solution and protect our clients by the highest standards in the field.
The platform provides a flexible verification process allowing both automatic and manual modes. Manual mode may include post-moderation enabling our Clients to make the final decision on user onboarding. We are able to provide unique case-to-case solutions for any business.
Our infrastructure is built in full compliance with the global and local regulatory requirements including FATF, MAS, GDPR, FINMA, FCA, and CySEC. We are operating at the forefront of Data Protection and regulatory legislation all around the globe.
Our system is constantly monitoring for the relevance of the existing users’ data. In case of any violation of the requirements you set for users, you will get notified of such and will be able to efficiently react with necessary actions taken.
All of our services that require data processing will request your clients to give a specific consent to use of the provided data in an obvious form and with the links to the necessary documentation.
We keep all the data encrypted at the Data Protection compliant Amazon servers, which are located in both Europe and Asia and considering the following factors: accessibility and data localisation requirements.
In an unlikely event of a Data Breach we take the responsibility to detect it and take all the necessary actions within 72 hours as ruled by the GDRP.
All personal data is stored encrypted on the cloud. As an integral part of our infrastructure, we use highly durable storage systems operated by Amazon which are designed for their only critical mission – data storage. We use TLS, SSL, HTTPS, AES, RSA, GnuPG, Lz4 and many other contemporary encrypting protocols.
We conduct outsourced testings of our security measures on multiple levels and make sure our software is hack-proof in every known way by cooperating with the lead web security specialists.
We encrypt every bit of data received or sent. For instance, data clusters interconnection is encrypted at least twice utilizing IPSec with an internal TLS. Connection to the Database is encrypted at 3 levels: IPSec, with integrated TLS TCP session sends requests and the data stored is encrypted with GnuPG. Even emails are sent via a secure TLS connections.
Our developers team performs regular stress tests of our systems to ensure every safeguard works as it is supposed to.