Security and Compliance

Security Standards

The Ethiopian Platform API implements robust security measures to protect data and ensure trust:

  • End-to-End Encryption:
    • Data at rest is encrypted using AES-256.
    • Data in transit is secured with TLS 1.3.
  • Multi-Factor Authentication (MFA):
    • Developer accounts require MFA to access the developer portal and API key management.
  • Regular Penetration Testing and Bug Bounties:
    • Quarterly penetration tests are conducted to identify vulnerabilities.
    • A bug bounty program rewards responsible disclosure of security issues. Details at https://api.birr-connect.com/bug-bounty.

Data Privacy

The platform prioritizes user privacy and compliance with local regulations:

  • Compliance with Ethiopian Data Protection Laws:
    • Adheres to Ethiopia’s data protection framework, ensuring lawful data processing and storage.
  • Tools for Managing User Consent and Data Deletion:
    • Consent Management: APIs to capture and store user consent for data sharing.
    • Data Deletion: Endpoint (/v1/data/delete) to process user requests for data removal, with confirmation logs.
    • Access tools via the developer portal: https://api.birr-connect.com/portal.

Regulatory Compliance

The platform aligns with Ethiopia’s financial regulations for secure and compliant operations:

  • Adherence to National Bank of Ethiopia Regulations:
    • Complies with open banking standards and KYC requirements for user identity verification.
    • Ensures all integrations meet anti-money laundering (AML) and counter-terrorism financing (CTF) guidelines.
  • Audit Logs for Tracking API Access:
    • Comprehensive logs capture all API requests, including timestamps, endpoints, and user IDs.
    • Logs are available for regulatory audits via the developer portal for up to 7 years.
