Enterprise-Grade Security & 100% Data Sovereignty

Your Data Never
Leaves Your SAP.
Ever.

All AI inference runs inside your BTP. Zero data exported. Zero external API calls. The only thing that reaches Zynoviq is your license ID.

0 Bytes

Sent to Zynoviq

AES-256

Encryption at Rest

SHA-256

Immutable Audit Trail

RSA-4096

License Signing

Download Security Whitepaper Start Free Trial

SOX Compliant

GDPR Art.17

SOC 2 Type II

HIPAA Ready

PCI-DSS L1

ISO 27001

Data Sovereignty Architecture

Crystal Clear: What Stays, What Goes

Two zones, one unbreakable rule. Your business data never crosses the boundary.

YOUR SAP BTP

Customer's BTP Environment

All data stays here. 100% of it.

SAP S/4HANA transaction data

AI models (binary .gguf/.onnx)

Fraud detection alerts & scores

Compliance check results

Supply chain predictions

Full audit trail (7 years)

HANA Vector Engine embeddings

ZYNOVIQ INFRASTRUCTURE

Zynoviq License Server

Only license metadata. Nothing else.

license_id"LIC-2024-00847"

user_count15

apps_enabled["fraudguard", "compliance"]

btp_fingerprint"sha256:a8f3..."

That's it. Four fields. Nothing else.

What NEVER Leaves Your SAP BTP

NO transaction data

NO financial records

NO vendor names or details

NO employee data or PII

NO customer information

NO audit trail contents

Zero-Trust Security Architecture

Six Layers. Zero Trust.
Every Request Verified.

No implicit trust. Every layer independently validates every request. Compromise one layer — the other five still protect you.

Layer 1

Authentication

SAP XSUAA with OAuth 2.0 + OpenID Connect

Every endpoint requires a valid JWT token

No anonymous endpoints — zero exceptions

Token expiry: 12 hours, refresh: 7 days

Multi-factor authentication via SAP IAS

Layer 2

Authorization

RBAC with SAP role templates, minimum 3 roles per domain

Viewer: read-only dashboards and reports

User: run analyses, acknowledge alerts

Admin: configure thresholds, manage users

AuditViewer: read-only audit trail access

Layer 3

Transport Security

TLS 1.3 mandatory for all communication

All BTP internal service-to-service calls encrypted

Certificate pinning for license server communication

No fallback to TLS 1.2 or lower — hard fail

HSTS headers on all HTTP responses

Layer 4

Data at Rest

AES-256 encryption for all HANA tables

All persistent data encrypted in SAP HANA

Encryption keys managed by SAP Data Custodian

Key rotation every 90 days (automated)

Column-level encryption for PII fields

Layer 5

Audit Trail

SHA-256 hash-chained, immutable, 7-year retention

Every action creates an immutable audit record

Hash chain: each record includes previous hash

Tamper detection: broken chain = instant alert

No delete capability for any role (soft-delete only)

Layer 6

Secret Management

SAP Credential Store — zero hardcoded secrets

All secrets stored in SAP Credential Store

Zero secrets in source code, env vars, or config files

Runtime secret injection only — never persisted in app

Automatic secret rotation with zero-downtime

Compliance Certifications

Every Major Framework.
Covered.

Not just checkboxes — deep, structural compliance built into every layer of the architecture.

SOX

Sections 302, 404, 409

Section 302: CEO/CFO certification of internal controls over financial reporting

Section 404: Automated assessment and reporting of internal control effectiveness

Section 409: Real-time disclosure of material changes via automated alerts

Segregation of Duties enforcement across all SAP authorization objects

GDPR

Articles 17, 25, 30, 35

Article 17: Right to erasure — automated PII deletion workflows

Article 25: Data protection by design and by default in every module

Article 30: Records of processing activities with full audit trail

Article 35: Data Protection Impact Assessment documentation included

SOC 2 Type II

All 5 Trust Service Criteria

Security: Zero-trust architecture with 6-layer defense

Availability: 99.9% uptime SLA with automatic failover

Processing Integrity: IEEE 754 precision for all calculations

Confidentiality: AES-256 encryption at rest, TLS 1.3 in transit

Privacy: GDPR-compliant data handling, zero external data transfer

HIPAA

PHI Protection

Protected Health Information (PHI) never leaves customer BTP

Access controls meet Administrative Safeguard requirements

Encryption meets Technical Safeguard requirements

Audit trail meets HIPAA audit logging requirements

PCI-DSS Level 1

Cardholder Data Protection

Cardholder data never processed or stored by Zynoviq

All payment data remains within customer SAP environment

Network segmentation via SAP BTP tenant isolation

Continuous vulnerability scanning and penetration testing

ISO 27001

Information Security Management System

Certified ISMS covering all development and operations

Annual external audits with continuous internal reviews

Risk assessment and treatment methodology aligned with ISO 27005

Incident response procedures tested quarterly

Immutable Audit Trail

SHA-256 Hash-Chained.
Tamper-Proof by Design.

Every action, every decision, every risk score — cryptographically chained. Break one link and the entire chain screams.

Every Audit Record Contains:

timestamp

UTC, millisecond precision

2025-01-15T14:23:01.847Z

user_id

Authenticated user identity

john.doe@customer.com

domain

Engine that generated the event

fraudguard

action

Action performed

INVOICE_ANALYSIS

entity

SAP document reference

INV-2025-004821

risk_score

Computed risk score (0-100)

result

Action outcome

FLAGGED

ip_address

Client IP address

10.42.1.15

hash

SHA-256 of record + previous hash

a8f3e2...c41b

How Hash Chaining Works

Record N-1

data: {action, user, ...}

prev_hash: 7b2c1d...

hash: SHA256(data + prev_hash)

= a8f3e2...

Record N

data: {action, user, ...}

prev_hash: a8f3e2...

hash: SHA256(data + prev_hash)

= c41b9f...

Record N+1

data: {action, user, ...}

prev_hash: c41b9f...

hash: SHA256(data + prev_hash)

= f72d8a...

Tamper detection: If any record is modified, its hash changes, which breaks the chain for every subsequent record. The system detects this immediately and triggers an integrity alert.

7-Year Retention

SOX requirement met. All records retained for 7 years minimum with automated lifecycle management.

Read-Only for Auditors

AuditViewer role grants read-only access. No modification capability for any role — not even Admin.

Export Ready

CSV and PDF export for external audit tools. PwC, Deloitte, KPMG, and EY compatible formats.

Code Protection

8 Layers of IP Protection
in Every .mtar

The distributed binary contains zero readable source code. Reverse engineering cost exceeds building from scratch.

TypeScript Compilation

TypeScript source compiled to JavaScript — original .ts files never shipped

Type annotations, interfaces, and source maps stripped

webpack Bundling

All modules bundled into a single optimized file

Module boundaries, file structure, and import paths eliminated

terser Minification

Variable names shortened, whitespace removed, dead code eliminated

Human-readable code reduced to compact, unreadable output

javascript-obfuscator

Control flow flattening, RC4 string encryption, dead code injection

Reverse engineering cost exceeds rewrite-from-scratch cost

Python Bytecode

Python source compiled to .pyc bytecode — no .py files distributed

Source code inaccessible without dedicated decompilation tools

AI Model Binaries

Models distributed as binary .gguf and .onnx formats

Weights and architecture embedded in opaque binary containers

Encrypted Regulation DB

All 50,000+ regulations encrypted with AES-256 at rest

Decryption keys loaded from SAP Credential Store at runtime only

License Agent Gate

Application refuses to start without a valid RSA-4096 signed JWT

No valid license = no process start. Period.

License Security

5-Layer License Validation
Unhackable. Unbypassable.

RSA-4096 signed JWT, BTP subaccount fingerprint binding, and Certificate Revocation List — license forgery is mathematically infeasible.

Layer 1Startup CheckOn app boot

Real-time server call to Zynoviq license server. Application refuses to start if validation fails.

Network

Required

Latency

200-500ms

Layer 2Periodic CheckEvery 24 hours

Background refresh of license JWT. Runs silently, updates local token cache.

Network

Required

Latency

200-500ms

Layer 3Per-Request CheckEvery API call

Local JWT signature validation. No network call. Validates expiry, scope, and BTP fingerprint.

Network

None

Latency

<1ms

Layer 4Critical CheckOn mutations

Real-time server call for user additions, module changes, or license modifications.

Network

Required

Latency

200-500ms

Layer 5Grace PeriodServer unreachable

7-day grace period if license server is unreachable. After 7 days, app enters read-only mode.

Network

Degraded

Latency

N/A

RSA-4096

JWT Signing

Asymmetric keys — private key never leaves Zynoviq HSM

BTP Fingerprint

Subaccount Binding

License JWT bound to specific BTP subaccount — cannot be transferred

CRL

Certificate Revocation

Instant license revocation with real-time Certificate Revocation List

Multi-Tenant Security

Tenant Isolation at Every Layer

Cross-tenant data access is not just prevented — it is architecturally impossible. Every system enforces isolation independently.

SAP HANA

Separate schema per tenant with discriminator columns

Row-level security ensures queries only return data for the authenticated tenant. Cross-tenant queries are architecturally impossible.

SAP XSUAA

Tenant-specific OAuth scopes

Each tenant gets unique scope prefixes. Tokens are bound to a single tenant and cannot be used across boundaries.

Event Mesh

Filtered subscriptions per tenant

Event subscriptions include tenant_id filters. Events from one tenant are never delivered to another.

AI Models

Shared binaries, separate inference contexts

Model binaries are shared for efficiency, but each tenant gets an isolated inference context with separate memory space.

Audit Trail

tenant_id on every record

Every audit record includes a mandatory tenant_id field. AuditViewer role is scoped to a single tenant.

CISO Approved

Security That Your
CISO Will Approve

Zero data leaves your system. Six-layer zero-trust architecture. Immutable audit trails. Every major compliance framework covered. Start your assessment today.

Start Free Trial Request Security Assessment

0 Bytes to Zynoviq

AES-256 Encrypted

SHA-256 Audit Trail

RSA-4096 Signed

SOX + GDPR + SOC 2

Your Data NeverLeaves Your SAP.Ever.

Crystal Clear: What Stays, What Goes

Customer's BTP Environment

Zynoviq License Server

What NEVER Leaves Your SAP BTP

Six Layers. Zero Trust.Every Request Verified.

Authentication

Authorization

Transport Security

Data at Rest

Audit Trail

Secret Management

Every Major Framework.Covered.

SOX

GDPR

SOC 2 Type II

HIPAA

PCI-DSS Level 1

ISO 27001

SHA-256 Hash-Chained.Tamper-Proof by Design.

Every Audit Record Contains:

How Hash Chaining Works

7-Year Retention

Read-Only for Auditors

Export Ready

8 Layers of IP Protectionin Every .mtar

5-Layer License ValidationUnhackable. Unbypassable.

Tenant Isolation at Every Layer

SAP HANA

SAP XSUAA

Event Mesh

AI Models

Audit Trail

Security That YourCISO Will Approve

Your Data Never
Leaves Your SAP.
Ever.

Six Layers. Zero Trust.
Every Request Verified.

Every Major Framework.
Covered.

SHA-256 Hash-Chained.
Tamper-Proof by Design.

8 Layers of IP Protection
in Every .mtar

5-Layer License Validation
Unhackable. Unbypassable.

Security That Your
CISO Will Approve