Frequently Asked Questions

a woman working on a computer
Home
Frequently Asked Questions

Security

Network Security

Network Security

Finexio has implemented comprehensive frameworks and policies to achieve the highest level of network security and monitoring. This includes the use of firewalls to restrict access, encrypted HTTPS communication, and continuous risk assessments to safeguard information flow and protect systems from malicious data or actors.

Firewalls

Firewalls are utilized to restrict access to systems from external networks and between systems internally. By default, all access is denied, and only explicitly allowed ports and protocols are permitted based on business needs. Each system is assigned to a firewall security group based on its function, mitigating risk by restricting access to only the necessary ports and protocols.

Finexio is committed to comprehensive fraud prevention and robust cybersecurity measures, reflecting best practices and modern technological standards, including:

  • Encrypted HTTPS Communication: All client-to-platform interactions use RSA 2048-bit keys with TLS 1.3 encryption for secure data transit, supported by SHA-256 and HTTP Strict Transport Security (HSTS) protocols​.
  • Firewall and IDS Monitoring: Continuous monitoring of firewall and Intrusion Detection System (IDS) configurations and logs ensures rapid detection and mitigation of unauthorized activities​.
  • Access Reviews: User access to production environments is routinely audited and adjusted following the principle of least privilege to minimize security risks​.
  • Vulnerability Scanning: Regular Tenable vulnerability scans proactively identify potential attack vectors, offering comprehensive detection and remediation of risks​.
  • Incident Response: A robust Security Information and Event Management (SIEM) framework supports real-time event logging, orchestration, and rapid response, coupled with advanced Intrusion Detection and Prevention Systems (IDPS) to counteract threats effectively​.
Data Centers

Finexio’s physical infrastructure is hosted within Amazon's secure and resilient data centers, leveraging Amazon Web Services (AWS) technology. AWS brings decades of expertise in designing, constructing, and operating large-scale data centers to ensure the highest levels of security and reliability.

Amazon employs robust risk management practices, continuous monitoring, and regular assessments to maintain compliance with global industry standards. AWS data center operations are accredited under the following certifications:

  • ISO 27001: A leading international standard for information security management systems.
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (formerly SAS 70 Type II): Ensuring robust internal controls for security and availability.
  • FISMA Moderate: Meeting rigorous standards for federal systems and data protection.
  • Sarbanes-Oxley (SOX): Ensuring compliance with financial reporting and data integrity requirements.

Additionally, AWS data centers feature:

  • Physical access control with 24/7 on-site security personnel, biometric security measures, and video surveillance.
  • Redundant power and cooling systems to ensure continuous, uninterrupted operations.
  • Comprehensive preventative maintenance and monitoring of critical systems to mitigate risks proactively.

These safeguards ensure that Finexio’s platform operates with maximum security, availability, and scalability, empowering customers to manage payments with confidence.

Vendor Management

Finexio’s supplier verification process minimizes risks and costs associated with poor vendor management. We follow documented policies and procedures to ensure secure and accurate supplier verification, including validating changes to bank account information to prevent unauthorized modifications. Our dedicated risk and compliance team screens suppliers against OFAC and other high-risk lists to maintain regulatory compliance. Additionally, our robust compliance program provides automated, comprehensive, and consistent surveillance of all transactions across the network to ensure AML compliance through transaction monitoring.

Network Operations Center (NOC)

Finexio's Network Operations Center provides 24/7 proactive monitoring of IT networks and infrastructure, ensuring uninterrupted platform performance and seamless payment processing. Real-time operational metrics and alerts enable rapid identification and resolution of potential issues before they impact payment flows.

Security Operations Center (SOC)

The Security Operations Center operates around the clock to monitor and respond to potential cybersecurity threats. Finexio’s SOC employs advanced Security Information and Event Management (SIEM) systems to detect, analyze, and respond swiftly to security incidents, ensuring robust protection of the platform and customer data against emerging threats.

Contact Us

Why Finexio?
AP Payments as a ServiceFor PartnersCustomer StoriesPlatform SecuritySystems We Work WithFor CFOsFor AP LeadersFor Technology and Operations
Solutions
Payment Delivery & OperationsSupplier ManagementFraud Prevention & SecurityMonetize PaymentsPayment Reporting & Analytics
Payment Methods
Virtual CardVirtual Card by MailFinexioExpressCheck Payments
Industries
ConstructionHealth CareHigher EducationHospitalityLawManufacturingPrivate EquityWholesale & Distribution
Resources
Help CenterFAQsDevelopersBlogPodcastWhitepapersSolution BrochuresWebinarsEventsVideos
Terms of ServicePrivacy Policy
© Finexio. All rights reserved.