Deploy the Particeep solution in its information system

Particeep offers solutions for the marketing of financial products and services that can be deployed according to the mode of your choice.

• In the cloud (SAAS mode)
• On your own servers or on your own cloud (On-Premise mode)

Deploying the Particeep solution on your own infrastructure generates relatively significant additional license fees.

For reasons of rapid deployment, simplified maintenance, scalability and security, we strongly recommend the SaaS mode.

The elements of technical documentation on safety

Particeep provides several documents related to its technology for marketing online financial services.

• A business documentation that details the turnkey financial microservices offered: Business documentation of the Particeep API
• An interactive documentation allowing to test our microservices in real time: Interactive swagger documentation of the Particeep API
• Practical documentation for setting up your environment and writing the first lines of your solution based on Particeep technology: Practical documentation and examples of integration codes

Security

From a regulatory point of view, Particeep complies with GDPR regulations.

Our technical API documentation details the security methods implemented: the security of your access to the Particeep API.

Password management

Whether you use our turnkey platforms or our API, we allow you to store your users' passwords in our API while respecting security standards.

The passwords are hashed and salted before storage in the database. Thus in the event of a security breach, the integrity of passwords is preserved.

Our API offers SMS sending in partnership with Twilio which allows you to easily set up a 2-factor authentication

For turnkey platforms you can define the format of passwords with a regular expression (minimum number of characters, etc.)

Application security

We pay special attention to protecting ourselves against the most widespread security breaches like the top 10 OWASP.

We have several internal processes to guarantee this level of security, including:

• Aggressive update of our libraries so as not to drag an old security breach
• Securing all connections between our applications: we do not rely on a single firewall
• Systematic use of SSL
• Compliance with Cloud standards such as the "12 factor app" from the design of applications
• Our host Clevercloud manages data security in data centers if you opt for cloud hosting.

If you want to ensure the security of Particeep applications, we can discuss the implementation of penetration testing by your teams or providers. For example, such tests were carried out in November 2017 by the digitalsecurity teams of the company Econocom: our solution complies with banking security standards.

Interface with Particeep technologies

Everything is in place so that the interfaces with the Particeep API are done in real time. We respect the codes of reactive programming and we rely on events to manage changes in the information system. All these events can be "listened" via a webhook to react to them in real time.

• To understand how a webhook works and interfaces a third-party solution: Interfacing a third-party solution to the Particeep API
• To technically understand how a webhook works: Webhook and Particeep API
• A multi-application interfacing use case: Interfacing the Particeep API with several third-party applications

Particeep on-premise

Limitations

If you opt for the on-premise option, be aware that certain limitations may apply:

• Not all Particeep services are necessarily available on-premise.
• Maintenance and development will necessarily be slowed down compared to SaaS mode.
• There will be significant installation and training costs.

In general, we recommend the on-premise mode only if a regulation or if your internal legal constraints require you to do so.

Applications

To function properly, Particeep consists of several microservices:

• The main financial services API Particeep
• The scoring API: rules management and independent algorithmic calculation engine. Its use is not mandatory
• The Particeep backoffice: this is your administrator area giving access to all your data in real time and allowing you to interface with third-party solutions. Its use is not mandatory
• The audit log: this is your audit trail. Its use is not compulsory but strongly recommended

Warning: this is an application running on the JVM but they do not comply with J2EE standards.

Infrastructure

For each Particeep application running on-premise we need:

• A JVM with Java 8 or higher on a server with 8GB of RAM and 4-core CPU (minimum)
• A postgresql DB in version 9.5.1 or higher with a sufficient number of connections (100 minimum)

Overall, we need:

• A REDIS cache

For some external services such as payment providers, you will need to set up a VPN with them.

Deployment process

Particeep applications are made to be deployed on immutable infrastructure. This implies that each deployment is done on a new server by following this workflow:

• Get the codebase via git
• Run sbt commands to retrieve project dependencies. It implies internet access to the Maven-type repository
• Allow the injection of environment variable in the build
• Package and run the project on a Linux server

This workflow must be able to be executed automatically

Hosting

We need the following:

• Access to the server must be done via https from the internet
• The server must access the internet for different services (AWS S3, aggregation of logs, automatic mailing, etc.)
• The different applications must be able to communicate with each other via HTTP and TCP (necessary for scaling) Ex: back office and API Particeep
• Additional technical details will have to be dealt with such as web frontend headers etc ...

Given the complexity of setting up the on-premise environment, this option is the subject of a specific study by our teams.