Platform Security
Know more about prepaid cards platform security.
Platform Security defines how Falcon protects prepaid balances, card data, and transactional integrity across the entire lifecycle of a prepaid instrument. Since prepaid systems deal with stored value, security failures directly translate to financial loss, making preventative controls essential.
Security by Design
Falcon’s prepaid platform follows a security-by-design approach:
- No operation is trusted implicitly
- All sensitive actions are gated by validation checks
- Monetary movement is always reconciled against ledger state
Security controls are applied consistently across APIs, internal services, and partner-facing systems.
Authentication and Authorisation
All prepaid operations require authenticated access. Authorisation is evaluated at multiple levels:
- Partner-level permissions
- Product-level permissions
- User and card-level eligibility
For example, even an authenticated request to load funds will be rejected if the wallet is inactive or the user’s KYC does not permit loading.
Data Protection
Sensitive prepaid data such as card PAN, CVV, and expiry are protected using tokenisation and encryption. These details are never exposed in plaintext through APIs or logs. Falcon adheres to PCI-aligned handling practices to reduce data exposure risk.
Transaction Risk Controls
Every prepaid transaction is evaluated in real time for:
- Balance sufficiency
- Channel eligibility
- Limit compliance
- Velocity thresholds
- Merchant category (MCC) rules
Transactions that fail any rule are deterministically declined before authorisation approval.
Updated about 2 months ago