Identity and Access Management (IAM) in Vaultera Switch is designed to provide a secure, user-friendly, and well-regulated environment. By implementing best practices for authentication and access control, Vaultera Switch ensures data confidentiality, operational efficiency, and compliance with global standards.

Authentication Methodology for Vaultera Switch APIs

1. Admin Services Authentication

Administrative services require robust, multi-layered authentication. Access is limited to specific personnel within the Vaultera Switch team via an additional API key to maintain backend security.

2. Merchant Authentication

Merchants accessing Vaultera Switch APIs benefit from strong authentication mechanisms to safeguard their accounts and transactions. For detailed guidance on merchant authentication, refer to the API documentation.

3. Vault Authentication

The Vaultera Switch Vault employs a distributed key management approach. Key custodians must collaborate to initiate the application, ensuring no single individual can independently alter or access the vault. This design prevents unauthorized tampering and enhances the overall security framework.

Identity and Access Management in AWS

1. User Authentication

Vaultera Switch employs Multi-Factor Authentication (MFA) in conjunction with network and device whitelisting to ensure secure user access.

2. Access Controls and Role-Based Access Control (RBAC)

  • Granular Permissions: Administrative roles are clearly defined with specific permissions, ensuring users only access functionalities necessary for their roles
  • Distributed Access Model: Vaultera Switch employs a distributed model where no individual has complete control over administrative operations
  • Principle of Least Privilege: Permissions are restricted to essential tasks to mitigate unauthorized access risks

Benefits of Vaultera Switch IAM

  1. Enhanced Security: Multi-layered authentication, key management, and RBAC reduce vulnerabilities
  2. Operational Efficiency: Clear role definitions and access models ensure streamlined workflows
  3. Compliance Assurance: Meets global regulatory requirements, including PCI DSS and ISO 27001 standards
  4. User Trust: By minimizing risks and safeguarding data, Vaultera Switch fosters confidence among merchants and partners