Security & Compliance
How Truztcube protects identity data — encryption, RBAC/ABAC access control, audit logging, data minimisation, and NDPR alignment.
Identity data is sensitive, and Truztcube is built to protect it end to end.
Encryption
Data is encrypted in transit (TLS) and at rest. API keys and provider secrets are stored securely and never exposed in logs.
Access control (RBAC + ABAC)
Access to organisation resources is governed by role-based and attribute-based policies, so team members only see and do what their role and attributes permit. Admin actions are separated from the customer verification surface.
Audit logging
Every verification and administrative action is written to an immutable audit log with the actor, action, resource, timestamp, and context — evidence for your own KYC and compliance position.
Data minimisation
Truztcube stores the minimum needed for audit and reconciliation:
- The searched identifier (NIN/BVN number) is stored masked, never in full.
- Biometric images are passed through in the response where entitled, and not persisted.
- Empty register fields are omitted from responses rather than stored.
NDPR alignment
Data handling is designed to align with the Nigeria Data Protection Regulation. The lawful basis
for each check is the caller's responsibility — recorded per request via requestReason (NIN) and
the consent assertion (consentGranted / consentReference, BVN).
Related
- Authentication
- ID Verification — consent & request reasons.