Data Center security
- The Affix API service infrastructure is hosted on Amazon Web Services (AWS)
- The Affix API connect front-end application is hosted on Vercel; the dev front-end application is hosted on Cloudflare Pages.
- We follow AWS best practices, which allows us to take advantage of their secure, distributed, fault-tolerant environment. For more information about AWS security practices, see: https://aws.amazon.com/security
Failover and Disaster Recovery
- Our infrastructure and systems use only serverless AWS services, which provide high availability. Examples of serverless services used in the Affix API architecture: AWS API Gateway, AWS Lambda, AWS DynamoDB.
- AWS itself will manage availability within regions for its serverless services.
- All of the application service infrastructure, as well as the underlying AWS infrastructure, is codified. In the highly unlikely event that an AWS region is down, redeploying to a different region is a simple task because all of the infrastructure is codified.
Data Storage and Retention Policies
- Our intention is to act as the glue between the developer and the provider.
- We view data as a liability. We store as little data as possible, and only enough to satisfy the developer’s API requests with as little latency as possible. We have no interest in the content of the data.
- We do not sell user data. We only share user data with a single party, the developer, and only user data that the user has explicitly authorized us to share.
- We store cookies, usernames, and passwords for valid access tokens, which is how we provide access to providers.
- Usernames and passwords are captured, encrypted via an AWS KMS symmetric key with key rotation enabled, and stored (ciphertext only) in an AWS DynamoDB table (encrypted at rest). We store usernames and passwords to increase our service quality; without them, a token would only last two weeks. With them stored, we can refresh the cookies, and thus have a token that lasts years.
- Our database, AWS DynamoDB, is secured via AWS IAM, and internal systems are provided access via the principle of least privilege.
- Our encryption key, a Customer Managed Key behind AWS KMS, is secured via AWS IAM, and internal systems are provided access via the principle of least privilege.
- Our systems use AWS CloudWatch for logging. Our log retention policy is two weeks.
- Client requests are logged, but the Authorization header / JWT signature is stripped before logging, ensuring that even Affix engineers cannot replay your request and see your customer’s data.
- To debug errors that may occur with user configurations we may not have seen before, we may programmatically screenshot errors on a customer account while attempting to fulfill your API request. The screenshots are generated only when an unexpected error occurs and are used only for debugging that error. The retention policy on those screenshots is five days. The AWS S3 bucket that temporarily holds this data is encrypted at rest, is not public, and additionally has public access block enabled.
- When a developer calls our /disconnect endpoint, your cookies, username, and password are wiped permanently from our system.
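The header stripping described in the client-request logging item above could look like the following. This is an added example, not Affix API's own code; the function names, the `[redacted]` and `[signature-stripped]` markers, the choice to keep the JWT header and payload, and the sample event are assumptions.

```javascript
// Added example (not Affix API code): redact credentials before logging.
// Assumption: for a JWT bearer token the header and payload are kept for
// debugging and only the signature is dropped, so the logged value cannot
// be replayed. Any other credential is redacted whole.

const JWT_RE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/;
const ALWAYS_REDACT = new Set(["cookie", "set-cookie"]);

function stripJwtSignature(token) {
  if (!JWT_RE.test(token)) return null; // not a three-part compact JWT
  const [header, payload] = token.split(".");
  return `${header}.${payload}.[signature-stripped]`;
}

function redactHeaders(headers) {
  const safe = {};
  for (const [name, value] of Object.entries(headers || {})) {
    const key = name.toLowerCase(); // HTTP header names are case-insensitive
    if (ALWAYS_REDACT.has(key)) {
      safe[name] = "[redacted]";
    } else if (key === "authorization") {
      const match = /^Bearer\s+(\S+)$/i.exec(String(value).trim());
      const stripped = match && stripJwtSignature(match[1]);
      safe[name] = stripped ? `Bearer ${stripped}` : "[redacted]";
    } else {
      safe[name] = value;
    }
  }
  return safe;
}

// Build the log line from a Lambda proxy-style event; only redacted headers reach it.
function logRequest(event) {
  return JSON.stringify({
    method: event.httpMethod,
    path: event.path,
    headers: redactHeaders(event.headers),
  });
}

// Constructed sample request (token and cookie are made-up values).
const SAMPLE_JWT = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJlLWJ5dGVz";
const sampleEvent = {
  httpMethod: "GET",
  path: "/example",
  headers: { Authorization: `Bearer ${SAMPLE_JWT}`, Cookie: "session=abc", Accept: "application/json" },
};
console.log(logRequest(sampleEvent));
```
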
Encryption
- Traffic between you or customers and the Affix API application is encrypted in-transit with TLS.
- The database (AWS DynamoDB) and related cache stores are encrypted at rest.
- Usernames and passwords are stored at a heightened level of encryption: they are stored as ciphertext only, encrypted via an AWS KMS Customer Managed Key with key rotation enabled.
Source Code
- Application infrastructure is codified via aws-cdk, and AWS infrastructure is codified via org-formation. All changes to infrastructure or application source code are done via git.
- Test coverage for all Affix API source code repositories is 81% as of January 2024.
- Dependencies are kept up to date automatically with Dependabot. Additionally, if Dependabot detects a vulnerable dependency version via the CVE database with a corresponding library fix, it will automatically resolve the vulnerable version without Affix API intervention.
- Access to source code is secured with two-factor authentication.
Caching
- We cache to reduce latencies, but our retention period for cached data is always less than two weeks, and typically 1 hour or less. Cached data is deleted automatically with a TTL (Time-to-live) set on the table. The caches are stored as either AWS DynamoDB tables or as files on AWS S3 depending on cache item size, but either method will store the data encrypted at rest.
Internal IT Security
- Access to AWS infrastructure and source code is secured with two-factor authentication. Access to third-party systems uses two-factor authentication whenever possible.
- Employees are given the lowest level of access that allows them to get their work done, and employee contracts include a confidentiality agreement. Only authorized employees have access to our software version control.
Third party systems
- We use Sentry for error alerting. Sensitive or identifiable values are removed from payloads before they are sent to Sentry. Additionally, we have Sentry’s “data scrubbing” feature enabled, which scans and deletes any sensitive data that may have been sent, and removes any IP addresses detected.
- We occasionally use oxylabs.io proxies & residential IP addresses to bypass bot-checks from providers
- Oxylabs.io’s privacy policy: https://oxylabs.io/legal/privacy
Payments
- When you purchase a paid Affix API client_id, your payment data is not transmitted through nor stored on Affix API systems.
- When you pay invoices to Affix via Revolut, your payment is processed using PCI-compliant service providers.
- When you are invoiced monthly based on your token usage, we invoice you via Revolut and you are able to pay your invoice via Revolut. Revolut is certified to PCI Service Provider Level 1.
Responsible Disclosure
- If you have discovered a vulnerability in the Affix API application or services, please contact us at dev@affixapi.com.
- We review all security concerns brought to our attention, and we take a proactive approach to emerging security issues.
Contact us
If you have any questions, please contact us at dev@affixapi.com