January 14th, 2026

[Security] Data Encryption for Sensitive Information

Encryption at Rest

  • Payment provider tokens (access & refresh tokens) encrypted in database

  • Bank account information (IBAN, BIC, account holder names) encrypted

  • All ciphertext stored with authentication tags to detect tampering

  • Secure encryption format prevents data leakage even if the database is compromised

  • Encrypted data cannot be read without proper decryption keys

Encryption in Transit

  • All sensitive data remains encrypted when sent between services

  • Integration credentials protected throughout their lifecycle

  • Bank details protected in API responses and database backups

  • Tokens encrypted before storage and kept encrypted during retrieval

Robust Key Management

  • Support for multiple encryption keys with versioning

  • Automatic key rotation capability without data loss

  • Active key tracking for encryption and decryption

  • Future-proof architecture for adding new keys

  • Fail-safe validation of encryption keys on startup

Advanced Tamper Detection

  • Authentication tags (GCM mode) detect any data modification

  • Organization context binding prevents cross-tenant data access

  • Field-level binding prevents data misuse across contexts

  • Automatic validation on every decryption operation
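
An added example (not the product's own code) of how the key versioning and tamper detection listed above can fit together: AES-256-GCM with the organization ID, field name and key version bound as additional authenticated data. The envelope layout, function names, keyring and sample values are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed keyring: version -> 32-byte AES-256 key (random here; real keys come from a secret store).
const KEYRING = { 1: crypto.randomBytes(32), 2: crypto.randomBytes(32) };
const ACTIVE_VERSION = 2; // new data is encrypted with this key; older versions stay for decryption

// Startup check: refuse to run with a missing active key or a wrong-sized key.
function validateKeyring(keyring, active) {
  if (!keyring[active]) throw new Error(`active key v${active} missing`);
  for (const [v, k] of Object.entries(keyring)) {
    if (!Buffer.isBuffer(k) || k.length !== 32) throw new Error(`key v${v} is not 32 bytes`);
  }
  return true;
}

// AAD ties the ciphertext to tenant, field and key version; JSON avoids delimiter ambiguity.
function aad(orgId, field, version) {
  return Buffer.from(JSON.stringify([orgId, field, version]), 'utf8');
}

// Returns an assumed envelope format: v<version>.<iv>.<ciphertext>.<tag>, base64 parts.
function encryptField(orgId, field, plaintext, keyring = KEYRING, version = ACTIVE_VERSION) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', keyring[version], iv);
  cipher.setAAD(aad(orgId, field, version));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  return [`v${version}`, iv.toString('base64'), ct.toString('base64'), tag.toString('base64')].join('.');
}

function decryptField(orgId, field, envelope, keyring = KEYRING) {
  const [v, ivB64, ctB64, tagB64] = envelope.split('.');
  const version = Number(v.slice(1));
  const key = keyring[version];
  if (!key) throw new Error(`unknown key version ${v}`);
  const iv = Buffer.from(ivB64, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 });
  decipher.setAAD(aad(orgId, field, version));
  decipher.setAuthTag(Buffer.from(tagB64, 'base64'));
  // final() throws if the ciphertext, tag or AAD (org, field, version) does not match.
  return Buffer.concat([decipher.update(Buffer.from(ctB64, 'base64')), decipher.final()]).toString('utf8');
}

// True when decryption is refused: wrong tenant, wrong field, retired key or modified bytes.
function isRejected(orgId, field, envelope, keyring = KEYRING) {
  try { decryptField(orgId, field, envelope, keyring); return false; } catch { return true; }
}
```

Re-encrypting a stored value under the active key is a `decryptField` followed by `encryptField`, so rotation can proceed row by row while older key versions remain in the keyring.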

Secure Data Handling

  • Sensitive data only decrypted where absolutely needed

  • List endpoints never expose tokens or bank details

  • Settings endpoints show only masked information to users

  • Payment service decrypts credentials only during transactions

  • Strict access controls on who can decrypt what

Compliance & Audit Ready

  • Organization-level data isolation

  • Purpose-based encryption (tokens vs bank data vs credentials)

  • Audit trail support for decryption operations

  • Supports regulatory requirements for financial data

  • Secure logging without exposing sensitive information