Security & Compliance.

FCA-authorised payment infrastructure with ISO 27001, SOC 2 Type II, and PCI DSS Level 1 certifications. Bank-grade security for every transaction we process.

> 1500

Solved client cases

98%

Average growth of profit

10/10

Successful transactions

GDPR & data protection

Purpose limitation

Customer data is used solely for payment authorisation and fraud prevention. Purposes are declared at point of consent via OAuth 2.0 scope declarations and never extended without fresh consent.

Data minimisation

We only collect payment-essential data obtained via Open Banking APIs. No behavioural tracking, no advertising analytics, no third-party data enrichment beyond fraud prevention.

Storage limitation

Transaction records retained for 5 years per FCA AML requirements. Customer profile data deleted within 30 days of account closure request. Automated purge pipelines with audit trail.

Data subject rights

Automated access, portability, rectification, and erasure requests processed within statutory deadlines. Responses delivered in machine-readable format.

Your business deserves
banking it can trust

Open your account in 48 hours. FCA-authorised infrastructure, and a compliance team that speaks your language.

Security controls

Defence-in-depth architecture with multiple independent layers of protection.

Encryption at rest

AES-256 encryption for all stored customer and transaction data. Hardware security modules (HSMs) for cryptographic key management with FIPS 140-2 Level 3 compliance.

Encryption in transit

TLS 1.3 enforced for all API communications. Certificate pinning implemented on mobile SDKs. HSTS preloading across all public endpoints with zero downgrade paths.

Access controls

Role-based access control (RBAC) with the principle of least privilege enforced across all systems. Multi-factor authentication mandatory for all administrative access.

Infrastructure security

AWS SOC 2-certified data centres in UK and EU regions. Redundant infrastructure across multiple availability zones with automated failover.

Routing

Engine

Open payments for everyone. Secure bank-to-bank transactions across Europe, built for businesses that demand more from their payment infrastructure.

© 2026 Rex Payments Ltd. All rights reserved.