Trust Center

Security and Trust

Transaction-Network sets the highest standards for security, privacy, and availability. Our platform is built on a multi-layered security architecture and meets international security standards.

Security Infrastructure Compliance Privacy Status Contact

Our Approach

Multi-Layered Security Architecture

Security at Transaction-Network is not an afterthought - it is embedded in the platform architecture from the start. Our Security by Design approach ensures that every layer of the platform is independently protected.

From the network perimeter to access controls and data encryption, our security measures interlock to form a robust shield for your data and processes.

10+

Security Layers

24/7

Monitoring

100%

Encryption

Security Areas at a Glance

Every area of our platform is subject to defined security measures and is continuously monitored and improved.

Security

Our platform follows a Security by Design approach - security is not an add-on, but integrated into the architecture from the ground up.

Multi-layered security architecture
Zero Trust model
Continuous security monitoring
Penetration tests and vulnerability analyses
Structured incident response processes

Infrastructure

The platform runs on a modern cloud infrastructure that meets the highest requirements for stability and security.

Hosted on Amazon Web Services
Isolated cloud networks
Firewalls and network segmentation
Secure server configuration
Regular patch management

Data Security

Protecting data during transmission and storage is our highest priority.

Encrypted communication (TLS)
Encryption of stored data
Secure key management
Protection of data integrity and availability

Access Control

Access to systems and data is strictly controlled and limited to the necessary minimum.

Role-based access control
Least privilege principle
Two-factor authentication
Centralized user management

Monitoring

The platform is monitored around the clock to detect anomalies and threats early.

Security monitoring
Real-time alerting
Vulnerability analyses
Automated security tests

Availability

We ensure system availability through redundant structures and proven recovery processes.

Regular automated backups
Geographically redundant storage
Disaster recovery processes
Regular recovery tests

Compliance

Transaction-Network aligns with international security standards and meets the requirements of relevant regulations.

GDPR-compliant data processing
ISO 27001 oriented security management
SOC 2 security requirements
Regular audits

Privacy

Data privacy and the secure processing of personal data are a core part of our platform philosophy.

GDPR-compliant data processing
Defined retention periods
Transparent data deletion

Standards & Certifications

Our security measures align with internationally recognized standards.

ISO 27001 CertificateClick to enlarge

ISO 27001

Information Security Management

Amazon Web Services

Cloud Infrastructure & Hosting

Hiscox

Cyber Insurance

SOC 2

Security & Availability Controls

GDPR

EU General Data Protection Regulation

ISO 27001

Information Security Management

SOC 2

Security & Availability Controls

Zero Trust

Modern security paradigm

Documentation

Our security documents are available to qualified partners and customers upon request. Feel free to reach out.

TN Security Concept

PDF - Upon Request

Our security concept describes the complete security architecture of the platform - from network protection and access controls to incident response processes.

Request Document

Technical and Organizational Measures

PDF - Upon Request

The TOMs document all technical and organizational measures for the protection of personal data pursuant to Art. 32 GDPR and form the basis for data processing agreements.

Request Document

Penetration Test Results

Independent security analysis of our web application and API by TUV Rheinland i-sec GmbH.

TUV Rheinland i-sec GmbH

Member of TUV Rheinland Group - Security Analysis of a Web Application and API

Test period: June 16, 2025 - June 23, 2025OWASP WSTG Methodology

TUV Rheinland i-sec GmbH was commissioned by Transaction-Network GmbH & Co. KG to conduct a security analysis of the web application and API. The goal was to evaluate the application for security risks in accordance with the OWASP Web Security Testing Guide (WSTG). A large portion of the application functionality was able to be tested during the test period.

Positively Assessed

No exposure of sensitive data.
Fully encrypted communication - all sensitive information is transmitted over encrypted channels.
No endpoint could be exploited for unauthorized database queries.

Identified Vulnerabilities

Use of wildcard certificates, which may increase the risk of domain-wide security gaps.
One API endpoint allowed the injection of unauthorized code that could be executed in the user's browser.
User sessions do not expire after inactivity, increasing the risk of unauthorized access.

Overall Result

In the configuration tested, the application demonstrates a high level of security. Identified vulnerabilities were prioritized, addressed, and resolved.

Service Status

Current availability and operational status of our services - transparent and in real time. Our status page provides information on ongoing incidents, planned maintenance, and the historical uptime of all platform components.

All Systems OperationalLive Status

Platform & APIOperational

Data ProcessingOperational

AuthenticationOperational

NotificationsOperational

Detailed information on the official status pageOpen Status Page

Security Contact

Reports of security vulnerabilities or questions about the platform can be submitted at any time. We take every report seriously and respond promptly.

security@transaction-network.com

Further Legal Information

Imprint Privacy Policy Platform Security Service Status