Secure Financial Data Access & Sharing | Trusted Solutions by Akoya

Our steadfast approach to security

Akoya uses the National Institute of Standards (NIST) Cybersecurity Framework and Center for Internet Security (CIS) principles to guide and establish our overall security program. This includes documented policies, standards, controls, and commitments to satisfy the requirements defined in each policy. The Akoya Information Security team manages our information security policy portfolio and its lifecycle management, including policy creation, changes, approvals, exceptions, and removal.

The goals of Akoya’s cybersecurity and risk program include:

Safeguarding the preservation of confidentiality, integrity, and availability of Akoya systems and information
Protecting customers, employees, and the Akoya business
Ensuring Akoya’s reputation as a trusted service provider is upheld

COMMITTED TO SECURITY AND PRIVACY

Security strategy

Our goal in developing and implementing these data security measures is to instill confidence in data providers and data recipients joining Akoya’s data access network and, more broadly, to bring about a safer and more cyber resilient Open Finance ecosystem.

Secure data handling

Intended to protect both our organization and customers against evolving threats, Akoya maintains a policy defining strict requirements for information classification, labeling, handling, monitoring, and disposal (i.e., lifecycle management) for all Akoya data.

Encryption

All data traversing our platform is encrypted in transit using industry standard encryption algorithms. Encryption at rest for customer data is not required because Akoya does not store personal customer data.

Frameworks & architectures

Akoya adheres to industry standards for our systems and infrastructure to ensure that data is protected, users are safe, and businesses can thrive in an open market. Taking into consideration Akoya’s risk appetite, our policies are continuously guided by NIST, CIS, COSO, laws, regulations and industry best practices.

Security models & protocols

Akoya has adopted and integrated several innovative security models and protocols to keep its assets and data safe from unauthorized access.

Zero Trust

Akoya’s platform is built on the Zero Trust security framework. Zero Trust requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. 

Least privilege

Defense in-depth

Trusted for secure financial data access and sharing

“ The data recipients that the customer authorizes to connect to their U.S. Bank account through Akoya will receive authorized and permissioned access to U.S. Bank customer data, all while giving consumers the confidence that their data is safe and secure. ”

Gareth Gaston, EVP & Chief Digital Officer, Enterprise Platforms & Capabilities

“ Partnering with Akoya gives hundreds of community banks and credit unions the ability to bring more fintech apps within their own ecosystem and empower consumers to better control their data privacy and security. ”

Ben Metz, Chief Technology Officer and Chief Digital Officer

Akoya’s approach to third-party risk management

Akoya’s data access network is inclusive of the entire financial services industry and serves fintechs, data aggregators, financial institutions, and credit unions. In this highly regulated yet diverse ecosystem, Akoya’s third-party risk management services ensure both network data providers and data recipients receive a comprehensive, transparent, streamlined solution.

FINANCIAL INSTITUTIONS OVERVIEW

FINTECHS OVERVIEW

Security is at the heart of everything we do