Security

we deeply understand the importance of data security for payment initiation business we adopt the following measures to ensure the security of communication network protocol all requests must be done using https and our access tokens have expiration time definitions according to the brazilian open finance specifications keys or credentials our keys are all secured by aws cloudhsm, which is fips verified hardware passwords saved on our database are always encrypted with high security algorithms (rsa256) infrastructure we use aws as the infrastructure and strictly follow cloud native best practices in terms of compliance, network isolation vpc, resource access rights, vulnerability detection, etc allowed ip addresses to ensure webhook notifications reach your webhook listener server, you must add the following klavi ip addresses to your firewall’s allowlist environment ip address sandbox 18 231 92 86 testing 18 231 92 86 production 18 230 43 17 no matter how you receive shared data, the export ip addresses for klavi's various environments are as shown above if partners have stricter security requirements, you can only allow access to the above ip addresses