Privacy & Security

Earnix Security Culture

Information security and privacy are core values for Earnix. We are intent on ensuring our security program remains both cutting edge and a leader in the industry.

We adapt and confront change with ever-evolving discipline, continuing to ensure that we protect the confidentiality, integrity, and availability of our customers' data.

Encryption

Earnix provides a secure, reliable, and resilient Software-as-a-Service platform that has been designed from the ground up based on industry best practices.

Earnix secures data using strong, industry-standard algorithms:

  • Data in transit are encrypted using standard Transport Layer Security (TLS 1.2)

  • Data at rest are encrypted using 256-bit Advanced Encryption Standard (AES-256)

Application Security

Privacy and security are interwoven by design in Earnix’s solutions. Secure development principles are defined and integrated into the company’s development processes, including but not limited to the OWASP Top 10, CIS, and AWS secure development recommendations. Formal Secure System Development Life Cycle (SSDLC) procedures are in place.

Access Control

  • Both access rights policy and access controls are implemented based on roles, need-to-know, and least privilege principles.

  • Rules and principles are set for both granting access rights to the information systems and monitoring the connection to the network.

  • The Earnix solution supports the following authentication methods:

    • Single Sign On (SSO) with customer’s Identity Provider (IDP)

    • Multi Factor Authentication (MFA)

    • Auth0

    • JWT token

Data protection

Earnix puts in place appropriate technical and organizational measures to ensure that, by default, data is processed as per Earnix contractual obligations. This applies to the amount of data collected, the extent to which it is processed, the duration for which it is stored, and access control according to need-to-know and least privilege principles.

Earnix implements technical and organizational measures and Sensitive Data Processing Principles in order to effectively implement and integrate necessary safeguards.

Penetration testing

Earnix undertakes penetration tests on an annual basis. The tests cover both the infrastructure (e.g., the AWS infrastructure) and the Earnix application itself. Both are conducted by an independent external vendor that specializes in cyber security and cloud technologies.

High Availability By Design

Earnix is built on a robust, enterprise-grade cloud infrastructure designed to support high availability of customer critical pricing and decisioning operations. The platform leverages built-in redundancy supported by geographically distributed data centers to minimize single points of failure and reduce service disruption risk. 

This architecture is purpose-built to support high availability where downtime may impact revenue, customer experience, and regulatory exposure. 

Business Continuity, Disaster Recovery, and Resilience

Earnix maintains a comprehensive Business Continuity and Disaster Recovery framework certified under ISO 22301 (Business Continuity Management Systems). 

Cloud deployments are designed in alignment with disaster recovery best practices, leveraging native capabilities of Amazon Web Services (AWS) for resilience, backup, and high availability. The platform incorporates multiple layers of redundancy across infrastructure components, including network connectivity, electricity, and internet access, reducing operational continuity risk during infrastructure failures or regional disruptions. 

Business continuity and disaster recovery controls are regularly reviewed and exercised as part of Earnix’s governance and certification framework. 

Service Resilience and Recovery Targets 

Earnix offers tiered service availability and recovery objectives to support customers’ operational resilience and business continuity requirements. 

Each tier is designed to support different criticality levels for customer pricing and decisioning operations, with defined availability targets and recovery objectives. Final targets are agreed contractually based on customer needs.
