Tech
The People's Clearinghouse implements state-of-the-art financial software based on open source, which uses efficient and secure transfer technologies, prioritizing the privacy and security of participants’ and their clients’ information.
VNext
Adapted to the Mexican regulatory context and the needs of the sector, the platform integrates financial entities as participants and securely records transfers between their clients and partners.
Adapted to the Mexican regulatory context and the needs of the sector, the platform integrates financial entities as participants and securely records transfers between their clients and partners.
The architecture of our platform can be summarized in the following diagram:
Rafiki
To offer international remittances, People's Clearinghouse integrates a Money Transmitter, which uses the Interledger Foundation's Rafiki technology to record payment obligations coming from entities abroad in real time, following national and international AML standards.
In order to manage instant transfers, the Transmitter converts Rafiki payment instructions into payment instructions from the vNext clearing platform, which are credited in a matter of seconds to the accounts of clients and members of the corresponding entities.
The Rafiki Money Transmitter process can be summarized in the following diagram:
Security
The People's Clearinghouse implements cutting-edge technologies in terms of information security to protect the privacy, reliability and immutability of the payment instructions that pass through its platform.
In particular, the People's Clearinghouse implements:
mTLS
Transport layer protocol that authenticates both the client and the server securely.
OAuth 2.0
Protocol that establishes an authorization framework to delegate access to specific resources.
JWT (JSON Web Tokens)
Standard for using tokens to authenticate the exchange of information.
RBAC (Role-based Access Control)
Segmented access control by roles, using authentication certificates.
“Zero trust security” framework
Requirement that every user and every service on the platform be authenticated, authorized and continually validated before obtaining or maintaining access to applications and information in any part of the platform.
