Our products use strong military-grade security standards to protect you and your customers' data and ensure users' privacy. Security measures are implemented for both data at rest and data in transport.
Our database servers encrypt data using encryption algorithms. The encryption keys are rotated and managed in a network separated from the database and application servers. They are stored in a fault-tolerant key management cluster with limited access. The master key is kept in a secure vault to ensure maximum security.
All data served over our REST API uses HTTPS. We regularly audit our security setup to ensure that the certificates we serve are current. We force HTTPS for all connections to our API server to ensure that data is always encrypted during the transport from our server to your application. You must use the same methods to ensure that data is encrypted to the end user.
We log all the API calls and track the interactions with web services for later review.
Depending on the type of data integrations that are necessary, JengaAPI will ensure the redaction of all sensitive financial information in accordance with the applicable laws in the Republic of Kenya.