Security program

Controls that stand up to institutional scrutiny

Oversight Innovative Technologies builds Weyone Korpor for supervised lending. That means defense in depth across sessions, authorization, data protection, and operational resilience — paired with documentation you can hand to risk, IT audit, and vendor management teams. The statements below describe the application’s intent; your deployment architecture and contracts determine the final control matrix.

Control domains

How we think about bank-grade security

These domains align with common FFIEC/ISO-style reviewer questions — mapped to concrete behaviors in the codebase rather than generic marketing promises.

Identity & session security

Staff authentication issues short-lived access tokens. In the web application, those tokens are bound to HTTP-only cookies on your origin, and Route Handlers proxy API traffic so bearer material is not exposed to arbitrary client-side scripts.

Refresh flows and logout invalidate sessions consistently with the API’s JWT blacklist configuration — reducing the risk of stale credentials surviving user sign-out.

Rate limits on login, refresh, and sensitive mutations mitigate brute-force and abuse attempts at the edge of the application.
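One way to implement the login throttling described above, as an added illustration that is not the product's own code: a sliding-window limiter keyed both by client address and by account name, so that a single source spraying many accounts and many sources hammering one account are both slowed down. The class and parameter names (SlidingWindowLimiter, LoginGate, the 10-per-IP and 5-per-account limits) are assumptions chosen for the example.

```python
# Added example, not Weyone Korpor code: per-IP and per-account sliding-window
# rate limiting for a login endpoint. All names and limits are illustrative.
import time
from collections import defaultdict, deque
from typing import Callable, Deque, Dict


class ManualClock:
    """Injectable clock so the limiter can be tested without sleeping."""

    def __init__(self, start: float = 0.0) -> None:
        self.t = start

    def __call__(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


class SlidingWindowLimiter:
    """Allows at most `limit` hits per key in any `window` seconds."""

    def __init__(self, limit: int, window: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.limit = limit
        self.window = window
        self.clock = clock
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def _prune(self, key: str, now: float) -> Deque[float]:
        q = self._hits[key]
        while q and now - q[0] >= self.window:   # drop hits outside the window
            q.popleft()
        return q

    def check(self, key: str) -> bool:
        """True if one more hit would still be within the limit (no recording)."""
        return len(self._prune(key, self.clock())) < self.limit

    def hit(self, key: str) -> None:
        """Record a hit for the key."""
        self._prune(key, self.clock()).append(self.clock())


class LoginGate:
    """Combine two limiters; an attempt is admitted only if both have room.

    Checking before recording keeps a denied attempt from consuming budget
    in the other dimension (e.g. a locked-out account does not burn IP quota).
    """

    def __init__(self, per_ip: int = 10, per_account: int = 5,
                 window: float = 60.0,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.by_ip = SlidingWindowLimiter(per_ip, window, clock)
        self.by_account = SlidingWindowLimiter(per_account, window, clock)

    def allow(self, client_ip: str, username: str) -> bool:
        account_key = username.strip().lower()      # normalise to defeat case games
        if not (self.by_ip.check(client_ip) and self.by_account.check(account_key)):
            return False
        self.by_ip.hit(client_ip)
        self.by_account.hit(account_key)
        return True


if __name__ == "__main__":
    clock = ManualClock(1000.0)
    gate = LoginGate(per_ip=10, per_account=5, window=60.0, clock=clock)
    # Constructed sample traffic: 203.0.113.0/24 is a documentation range.
    for _ in range(5):
        gate.allow("203.0.113.7", "alice")
    print("6th alice attempt allowed:", gate.allow("203.0.113.7", "alice"))   # False
    clock.advance(61)
    print("alice after window:", gate.allow("203.0.113.7", "alice"))           # True
```

In a real deployment the limiter state would live in a shared store (Redis or similar) rather than process memory, and the edge proxy or API gateway would typically enforce the per-IP dimension while the application enforces the per-account one.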

Authorization, tenancy & segregation of duties

Every tenant-scoped API checks organization membership and Django permission codenames. Administrative shortcuts that bypass tenant boundaries are deliberately avoided — this protects you during co-hosted multi-client reviews.

Branch-scoping allows operations staff to work their book without inheriting visibility into unrelated units, while HQ roles can be granted consolidated analytics under separate permission sets.

Approval workflows and role templates (Admin, Auditor, Loan Officer, Manager) give you a starting point that you harden to match credit policy and internal control frameworks.
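The tenancy and branch-scoping rules described in this section, written out as a framework-independent check (an added example, not the product's code and not Django's own permission machinery). Membership, Staff, authorize and the sample codenames such as loans.add_loan are assumptions for illustration; the point shown is the order of evaluation: organization membership first, branch scope second, permission codename last, with no administrative bypass.

```python
# Added example, not Weyone Korpor code: deny-by-default authorization for a
# tenant-scoped request. Names and codenames are illustrative assumptions.
from dataclasses import dataclass, field
from typing import FrozenSet, Optional, Tuple


class Forbidden(Exception):
    """Raised when a request fails any tenancy or permission check."""


@dataclass(frozen=True)
class Membership:
    org_id: str
    branch_id: Optional[str]           # None = HQ-level membership, sees all branches
    codenames: FrozenSet[str]          # Django-style "app_label.codename" strings


@dataclass
class Staff:
    username: str
    memberships: Tuple[Membership, ...] = field(default_factory=tuple)


def authorize(user: Staff, org_id: str, branch_id: Optional[str], codename: str) -> Membership:
    """Return the membership that grants access, or raise Forbidden.

    Tenancy is evaluated before permissions so a broad role in org A can never
    reach org B, and branch scope is applied before the codename so a Loan
    Officer in branch 1 cannot act on branch 2 even while holding the codename.
    """
    # 1. Organization membership: there is deliberately no super-user shortcut.
    in_org = [m for m in user.memberships if m.org_id == org_id]
    if not in_org:
        raise Forbidden(f"{user.username} is not a member of {org_id}")

    # 2. Branch scoping: HQ memberships (branch_id None) cover every branch.
    in_scope = [m for m in in_org if m.branch_id is None or m.branch_id == branch_id]
    if not in_scope:
        raise Forbidden(f"{user.username} has no visibility into branch {branch_id}")

    # 3. Permission codename, checked only on in-scope memberships.
    for m in in_scope:
        if codename in m.codenames:
            return m
    raise Forbidden(f"{user.username} lacks {codename} in {org_id}/{branch_id}")


def can(user: Staff, org_id: str, branch_id: Optional[str], codename: str) -> bool:
    """Boolean convenience wrapper around authorize()."""
    try:
        authorize(user, org_id, branch_id, codename)
        return True
    except Forbidden:
        return False


# Constructed sample role templates and staff (not real data).
LOAN_OFFICER = frozenset({"loans.view_loan", "loans.add_loan"})
HQ_ANALYST = frozenset({"reports.view_consolidated"})

OFFICER = Staff("amina", (Membership("org-a", "branch-1", LOAN_OFFICER),))
ANALYST = Staff("kofi", (Membership("org-a", None, HQ_ANALYST),))

if __name__ == "__main__":
    print(can(OFFICER, "org-a", "branch-1", "loans.add_loan"))   # True
    print(can(OFFICER, "org-a", "branch-2", "loans.add_loan"))   # False: other branch
    print(can(OFFICER, "org-b", "branch-1", "loans.add_loan"))   # False: other tenant
    print(can(ANALYST, "org-a", "branch-2", "reports.view_consolidated"))  # True: HQ
```

In a Django project the codename lookup would map onto user.has_perm() and the membership rows onto a model joining users to organizations and branches; what matters for an auditor is that every tenant-scoped view runs all three steps, in this order, before touching data.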

Data protection & cryptography

Sensitive payloads such as banking vault material can be protected with application-level encryption using keys you control (Fernet-style envelopes in the API tier).

Object storage integrations rely on short-lived presigned URLs so browsers never hold long-lived cloud credentials.

Transport security terminates at your TLS ingress with modern cipher suites — we assume HTTPS everywhere in production configurations.

Durability, backups & imports

The product specification calls for automatic backups replicated across global locations. Your operations team configures the concrete RPO/RTO targets, but the architecture anticipates institutional expectations for recoverability.

Excel/CSV import paths are hardened with validation and audit trails so migrations from legacy systems remain traceable.

Observability & incident response

Health endpoints support synthetic monitoring from platforms such as Better Stack. Structured logging and optional error reporting integrations assist centralized SOC workflows.

Security headers (frame denial, MIME sniffing protection, referrer policy) ship by default; Content Security Policy can be tightened per environment.

Commercial & billing security (Polar.sh)

Weyone Korpor routes subscription checkout through Polar.sh — a modern merchant-of-record-friendly stack with hosted checkout, customer portal, and webhook events you can verify server-side.

Trials last 7 days; no card charges should occur until Polar confirms an active subscription. Store Polar secrets only on the server and rotate API keys as part of quarterly hygiene.

Map each published tier (Basic, Business, Growth, Enterprise) to a discrete Polar product or price so entitlement changes remain auditable.
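Server-side verification of billing webhooks, as an added example that is neither Polar's SDK nor the product's code. It implements the Standard Webhooks signature layout (webhook-id, webhook-timestamp and webhook-signature headers; HMAC-SHA256 over id.timestamp.body with a base64 secret carrying a whsec_ prefix; a five-minute timestamp tolerance), which is the layout Polar's webhook documentation is assumed here to follow; confirm the header names and secret format against the current Polar docs before relying on it. The secret, event body and receiver class are constructed for the example.

```python
# Added example, not Polar or Weyone Korpor code: verify a webhook delivery's
# HMAC signature, reject stale timestamps, and drop replayed message ids.
import base64
import hashlib
import hmac
import json
import time
from typing import Dict, Mapping, Optional, Set

TOLERANCE_SECONDS = 5 * 60          # Standard Webhooks recommends a 5 minute skew window


class WebhookError(ValueError):
    """Any reason a delivery must be rejected (return HTTP 400/401 to the sender)."""


def _decode_secret(secret: str) -> bytes:
    """Secrets are base64 after an optional 'whsec_' prefix."""
    if secret.startswith("whsec_"):
        secret = secret[len("whsec_"):]
    return base64.b64decode(secret)


def sign(secret: str, msg_id: str, timestamp: int, body: bytes) -> str:
    """Produce a 'v1,<base64 mac>' signature; used here only to build test data."""
    signed_content = f"{msg_id}.{timestamp}.".encode() + body
    mac = hmac.new(_decode_secret(secret), signed_content, hashlib.sha256).digest()
    return "v1," + base64.b64encode(mac).decode()


def verify(headers: Mapping[str, str], body: bytes, secret: str,
           now: Optional[int] = None) -> Dict[str, object]:
    """Return the parsed event if the signature and timestamp check out."""
    h = {k.lower(): v for k, v in headers.items()}
    try:
        msg_id, ts_raw, sig_header = h["webhook-id"], h["webhook-timestamp"], h["webhook-signature"]
    except KeyError as exc:
        raise WebhookError(f"missing header {exc}")
    try:
        ts = int(ts_raw)
    except ValueError:
        raise WebhookError("timestamp is not an integer")
    now = int(time.time()) if now is None else now
    if abs(now - ts) > TOLERANCE_SECONDS:
        raise WebhookError("timestamp outside tolerance")

    expected = sign(secret, msg_id, ts, body).split(",", 1)[1].encode()
    # The header may carry several space-separated signatures (key rotation).
    for candidate in sig_header.split():
        version, _, value = candidate.partition(",")
        if version == "v1" and hmac.compare_digest(value.encode(), expected):
            return {"id": msg_id, "timestamp": ts, "event": json.loads(body)}
    raise WebhookError("no matching signature")


class WebhookReceiver:
    """Verify, then de-duplicate by message id so retries cannot replay a grant."""

    def __init__(self, secret: str) -> None:
        self.secret = secret
        self.seen: Set[str] = set()     # use a persistent store in production

    def handle(self, headers: Mapping[str, str], body: bytes,
               now: Optional[int] = None) -> Dict[str, object]:
        event = verify(headers, body, self.secret, now)
        if event["id"] in self.seen:
            raise WebhookError("duplicate delivery")
        self.seen.add(str(event["id"]))
        return event


# Constructed sample secret and event body (not real credentials or data).
SAMPLE_SECRET = "whsec_" + base64.b64encode(b"constructed-demo-secret-32-bytes").decode()
SAMPLE_BODY = b'{"type":"subscription.active","data":{"id":"sub_demo"}}'


def sample_headers(now: int) -> Dict[str, str]:
    """Headers a sender following the layout above would attach at time `now`."""
    return {"webhook-id": "msg_demo_001", "webhook-timestamp": str(now),
            "webhook-signature": sign(SAMPLE_SECRET, "msg_demo_001", now, SAMPLE_BODY)}


def verify_ok(headers: Mapping[str, str], body: bytes, secret: str, now: int) -> bool:
    try:
        verify(headers, body, secret, now)
        return True
    except WebhookError:
        return False


if __name__ == "__main__":
    now = int(time.time())
    receiver = WebhookReceiver(SAMPLE_SECRET)
    print(receiver.handle(sample_headers(now), SAMPLE_BODY, now)["event"]["type"])
```

Only a verified, non-duplicate event with the expected type should flip an entitlement, which is how the "no charges or access until Polar confirms an active subscription" rule becomes enforceable rather than aspirational.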

Assurance

What you should still do as a customer

No SaaS vendor replaces your own second line of defense. Plan for periodic testing and independent validation.

  • Run annual or material-change penetration tests that include authenticated scenarios.
  • Integrate application logs and Polar billing events into your SIEM for correlation.
  • Document data residency choices for Postgres, object storage, and backup targets.
  • Maintain access reviews for staff roles — especially when employees change branches or functions.

Responsible disclosure

If you discover a vulnerability, contact the security channel defined in your enterprise agreement or coordinated disclosure program. Please do not test against production tenants without written authorization.

Need the full packet?

We provide architecture diagrams, data-flow summaries, and integration guides under NDA for qualified buyers. Start with the pricing page to match your tier, then engage us for deeper diligence.