Architecture & Trust

What your CISO needs to see.
What your examiner needs to read.

Full technical architecture, defence-in-depth layers, RBI FREE-AI control mapping, and honest certification status. No marketing. No vague assurances.

Platform at a glance

The architecture in four numbers.

8
Defence-in-depth layers from transport to audit chain
100%
Queries logged to immutable audit trail
0
Third-party sub-processors with access to customer data
India
All data, embeddings, and inference traces stay in country
Defence-in-depth

Eight independent security guarantees.

Each layer operates independently. A failure at one does not cascade to the next — and each guarantee is verifiable by your security team.

LayerNameHow it worksWhat it guarantees
L1TransportTLS 1.3 enforced on all connections; HSTS preloadedNo plaintext data in transit — ever
L2Identity & sessionPhishing-resistant authentication, short-lived tokens, sessions bound to tenant contextIdentity verified before any resource is touched
L3Request authorisationEvery API call validated against tenant context before execution reaches the data layerNo request proceeds without an explicit authorisation check
L4Least privilegeDatabase connection demoted to minimum-required role per request; superuser access structurally unavailable to the applicationApplication code cannot exceed its declared permissions
L5Storage isolationRow-level policy enforced at the database engine — not the application — with both read and write guardsTenant A data is unreachable from Tenant B at the storage layer
L6Search isolationDocument retrieval scoped to tenant at the index layer before results are returnedNo cross-tenant document leakage through search or retrieval
L7Encryption at restPer-tenant encryption keys; PII fields carry a second encryption pass independent of the primary storeA storage dump yields no readable customer data
L8Audit integrityAppend-only log with cryptographic chaining across every inference and data event; no record can be modified or deletedEvery action is permanently attributable and tamper-evident
AI controls

Security controls designed for AI, not retrofitted from the last decade.

AI systems introduce attack surfaces that traditional security frameworks weren't built for. These controls address each one directly.

ControlImplementation
Hallucination mitigationAnswers grounded in retrieved context only; model surfaces uncertainty rather than inventing — every response cites the source it drew from
PII auto-redactionAadhaar, PAN, IFSC, GSTIN, UPI, mobile — detected and redacted before the model context window is assembled
Prompt isolationUser input is structurally separated from system instructions; role boundaries enforced at the prompt layer, not relying on model instruction-following alone
Model pinningModel version locked per tenant tier; behaviour cannot change without an explicit upgrade decision and audit entry
Inference auditEvery prompt, retrieved context, and completion stored in an append-only, cryptographically chained audit log
Data residency enforcementAll inference routed within India — model calls, embeddings, retrieval — nothing crosses the geographic boundary
Spend controlsPer-tenant token budgets with hard limits; anomalous usage patterns trigger alerts before they become incidents
Human-in-the-loopCredit decisions, compliance filings, and audit outputs require explicit human sign-off before any downstream action is taken
RBI FREE-AI

Eight FREE-AI controls mapped to Anvax implementation.

RBI's FREE-AI framework defines governance requirements for AI in regulated financial entities. Here is how Anvax implements each.

RefControlAnvax implementationStatus
R7AI Use-Case RegistryEvery AI use case catalogued with business purpose, data inputs, and risk classification — exportable for examiner reviewLive
R8Board oversight docsBoard-level AI governance documentation synthesised automatically from the audit trailLive
R15Periodic board reportingUsage, incident, and risk summaries generated on a defined cadence for board-level visibilityLive
R17Model version governanceEvery model version change logged with date, rationale, and approval; rollback is a single operationLive
R18Human gate on high-riskCredit decisions, compliance filings, and audit outputs require explicit human sign-off before executionLive
R19Explainability by designEvery AI output cites the specific source document and retrieval context it drew from — not a post-hoc explanation layerLive
R23Immutable inference trailCryptographically chained audit log across every inference event; no record can be modified or deleted after the factLive
R26Real-time LLM monitoringToken usage, latency, error rates, and behavioural anomalies monitored continuously — not sampledLive
Engineering posture

Architecture commitments your security team can hold us to.

P95 < 1.4s
End-to-end query latency including model call and audit write
99.9%
Uptime SLA on Growth tier and above
India
All data, embeddings, and inference traces stay in country
0
Third-party sub-processors with access to your tenant data
Certifications

Honest status. No vanity badges.

We list what is live, what is in progress, and when we expect to complete it. No checkmarks for certifications we haven't started.

Live
DPDP Act 2023
Controls implemented
In progress
SOC 2 Type II
In progress
In progress
ISO 27001
In progress
In progress
CERT-In empanelment
Initiated
DPDP Act 2023

India's data protection law, implemented by construction.

The Digital Personal Data Protection Act 2023 requires data minimisation, purpose limitation, and breach notification. Anvax satisfies all three at the platform level.

DPDP requirementAnvax implementation
Data minimisationOnly required fields ingested; PII auto-redacted before LLM context window
Purpose limitationSystem prompts scoped per role; model cannot deviate from defined purpose
Consent recordConsent events logged to append-only audit_log with timestamp and session ID
Breach notificationReal-time anomaly detection; security team alert within 15 minutes of detection
Data fiduciary obligationsCustomer retains ownership; Anvax is data processor; DPA available on request
Right to erasureTenant data deletion pipeline with cryptographic key destruction for DEK-encrypted fields
Downloads

Technical documentation for your security team.

Leave your work email and we'll send the documents directly. No sales call required for security review.

Security architecture brief

12-page PDF covering the full defence-in-depth stack, threat model, encryption architecture, and RBI FREE-AI control mapping. Suitable for CISO review and vendor security assessment.

Request PDF

Penetration test summary

Executive summary of the most recent third-party penetration test. Includes scope, methodology, findings classification, and remediation status. Available under NDA.

Request under NDA