Security is in Prometeo's DNA

We recognize the vital importance of safeguarding the integrity of our clients' financial data. Here we explain how we do it.

locker code

We are leaders in security

To achieve this, we design each of our products following the best practices in information technology service management, providing the guarantee and trust that our clients seek.

Our extensive experience in developing technological infrastructure for the financial sector through APIs has allowed us to ensure that every step of the process is safeguarded through various security measures.

We are supported by our international certifications

At Prometeo, we have an information security management system that includes internal policies, regular audits, and documentation on the 'why' and 'how' information assets are protected.

We have ISO 27001 certification, the international standard that describes how to manage information security within a company. This system is used to protect the confidentiality, integrity, and availability of information. Additionally, it allows us to identify and foresee any information security risks effectively.

ISO 27001
web browser

How Prometeo's security works

Our platform is specially designed on a security architecture that complies with all industry legal and compliance standards.

Secure connections and access

  • infraestructure

    We connect by creating a cryptographic bridge between the financial institution and the client. This connection allows us at Prometeo to communicate directly with the institution so that only the end-user can access their bank account data or initiate a payment.

  • green shield

    This guarantees our clients that we do not store credentials or share any type of sensitive information.

  • dark shield

    The data remains secure and private at all times as the information travels encrypted end-to-end using TLS 1.2 or higher with secure ciphers.

  • padlock

    To access our system, our team must use two-factor authentication, as well as storing keys in password managers.

  • computer

    We also provide authentication through API Keys. The API Key is an identifier found in the Prometeo Dashboard that allows our clients to start using Prometeo's service by sending requests to our APIs.

Know more in ourPrivacy Policy

Multiple layers of security

Our infrastructure features several levels of security to keep information safe at all times:

  • check

    Prometeo's platform is hosted on Amazon Web Services, the leading cloud service provider with the highest standards of data security and privacy, including ISO 27001, PCI-DSS, and SOC 2.

  • check

    We have Web Application Firewalls that enable us to monitor, filter, and block any malicious traffic.

  • check

    We conduct biannual security tests with our specialized team to identify and address any security vulnerabilities in our infrastructure and applications.

  • check

    We adhere to security procedures in accordance with the ISO 27001 standard.

  • check

    We provide security training for our entire team, disseminating our security policy throughout the company.



Our 24-hour monitoring system allows us to track the status of our connections and monitor alerts in real-time.

Our systems are protected by an Intrusion Detection System (Host IDS), designed to identify any unusual activity in accessing our servers.

We receive real-time reports on access logs, ensuring active defense against potential threats.

What are we going to build together?

Want to know more?Contact us!
2024 Prometeo Open Banking
Contact: +598 9672 6320