Vantage

Security

Built like the regulated lenders we serve.

Vantage moves money for banks, MFIs, and government programmes. That means the platform’s security posture is not a marketing checkbox — it is what we are evaluated on before any partner gets to commercial discussions. Here is what is in the box on day one.

Authentication & session control

JWT-based auth with 15-minute access tokens and 7-day refresh. Bcrypt for password and PIN hashing at min 12 rounds. Auth endpoints are rate-limited at 5 attempts per minute. Three failed card-PIN attempts auto-lock the card.

Role-based access at every route

Every API route declares the role(s) allowed to call it — super_admin, partner_admin, partner_user, farmer, dealer. The dependency graph is enforced by FastAPI, not by middleware that can be bypassed by route bypass.

Multi-tenant isolation

Partner data is logically isolated at the repository layer. BaseRepository auto-scopes every query by tenant_id pulled from JWT claims via TenantMiddleware. Cross-partner reads are blocked at the SQL level, not just the UI.

Encrypted data at rest and in flight

PostgreSQL encryption-at-rest on the managed cluster, TLS 1.3 between every service hop. Card numbers are never stored raw — only a bcrypt hash plus the last four digits. KYC documents live in object storage with signed-URL access, never on disk.

Immutable financial ledger

Every cent that moves through Vantage writes a balanced double-entry journal line. The ledger is append-only — corrections post compensating entries, never overwrites. Quarterly audit exports are one click and reconcile to the cent.

KYC compliance framework

Per-country KYC engines for ZW, ZM, KE, NG, ZA, BW, with a plug-in interface for new markets. Document types, ID formats, watch-list checks, and review SLAs are configurable per partner policy and per country regulator.

Backups, monitoring, response

Daily encrypted database backups with 30-day retention. Sentry instrumentation on both frontend and backend. Structured audit logs on every authentication, allocation, redemption, and settlement event. Security disclosures handled at security@vantage.co.zw.

Data residency on Enterprise

Default deployment uses a managed PostgreSQL cluster in a single region. Enterprise customers can request in-country data residency — typically a dedicated database per country, sharing the same application binary.

Found a security issue? Email security@vantage.co.zw — we acknowledge within 24 hours and follow coordinated disclosure.