Particeep Plug and security
Particeep is EOSP certified (essential outsourced service provision) by several banks and insurance companies including: Société Générale, Crédit Agricole and Crédit Mutuel Arkéa for example.
What criteria has Particeep been audited?
The following points were audited, and the results were great:
- Security obligations
- Physical and environmental security
- Asset management
- Cryptography
- Operational safety
- Access control
- Communications security
- Acquisition, development and maintenance of information systems
- Management of information security incidents
- Information Security Aspects in Business Continuity Management
- Relations with third-party suppliers
Regarding our applications, we comply with OWASP (Open Web Application Security Project) standards.
Connect Particeep Plug and its IS
Case 1: I do not have an API and my processes are not digitized
- You make the Paper documentation available to Particeep
- Particeep replicates your product in its API; the offer thus becomes accessible in an open and secure infrastructure
- You use the space made available by Particeep to configure your subscription routes
- Your processes remain unchanged
Case 2: I have APIs or webservices
- You provide the technical documentation
- Particeep takes care of integrations with the Plug solution
- You use the space made available by Particeep to configure your subscription routes
- Your processes remain unchanged
Case 3: How to retrieve customer data in the Plug solution
- Particeep gives you access to its API
- You can directly make requests to the API to retrieve the desired data, but this requires IT development on your part.
- It is possible for Particeep to automate the retrieval of the desired data via a secure url by setting up a personalized webhook.
You provide Particeep with a flat file template (csv) with the data and format you want.
Particeep sets up an automated generation process for this flat file which will be consumed by your systems. No development is required on your part
Regarding the authentication criteria, we respect the standards for delegation of authentication via Oauth1 and 2 or macaroons for decentralized authentication.