Security & Trust
Built for banks that cannot afford to get security wrong
Every action authenticated. Every request logged. Your infrastructure, your rules. MidLyr gives your compliance team the documentation they need and your engineering team the control they require.
Control
You decide what's exposed. You own the infrastructure. You see everything.
MidLyr is an infrastructure layer, not a black box. Three non-negotiable principles govern everything we build.
You configure what's exposed
MidLyr only enables operations you explicitly configure and approve. No capability is exposed by default. If your bank doesn't offer a feature, no AI agent can access it through MidLyr.
You own the infrastructure
By default, MidLyr deploys inside your network perimeter. Your data never transits through servers you don't control. For institutions that prefer managed hosting, we offer SOC 2 certified infrastructure with full audit access.
You have full audit visibility
Every request is logged with a complete audit trail: who initiated it, what was authorized, what action was taken, and the outcome. Your compliance team can inspect any transaction at any time.
Authentication
No stored credentials. No standing access. Every request proven fresh.
Customer authenticates directly with your bank
MidLyr never sees, touches, or stores banking credentials. Authentication happens directly with your existing login infrastructure — the same flow customers use in your app today.
Your bank issues a scoped, encrypted token
After authorization, your systems generate an encrypted token specific to that request. The token cannot be used to identify the customer or complete any other action beyond what was explicitly approved.
MidLyr routes the request; your system executes it
MidLyr passes the authorized request back to your infrastructure. Your systems evaluate and execute — using the same authorization logic you already have in place.
Every write action confirmed before execution
For payments, transfers, and disputes, customers receive a confirmation request via SMS or email before any action completes. Nothing happens without explicit approval.
What MidLyr never stores
- Banking usernames or passwords
- Session tokens or long-lived credentials
- Account numbers or routing numbers
- Personally identifiable information (PII)
- Transaction history or balance data
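The flow described above (operations enabled only by explicit configuration, a token scoped to one approved request, and a customer confirmation gate on write actions) can be illustrated end to end. The following is an added example written for this page, not MidLyr's code or API; the operation allowlist, the HMAC-based token format, the field names and the signing key are all constructed assumptions. The one property worth noticing is that the bank-side gate denies anything the token was not issued for: a different operation, different parameters, an expired or already-used token, a write without confirmation, or an operation the bank never enabled.

```python
"""Request-scoped, single-use authorization token (added illustration, not MidLyr code)."""
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Hypothetical allowlist: only operations the bank explicitly enabled, tagged read/write.
ENABLED_OPERATIONS = {"get_balance": "read", "transfer": "write"}
WRITE_OPERATIONS = {op for op, kind in ENABLED_OPERATIONS.items() if kind == "write"}

# Constructed signing key; in a real deployment this lives only in the bank's token service.
BANK_KEY = b"constructed-demo-key-do-not-use"
_used_nonces = set()  # single-use bookkeeping for the demo


def _canon(payload: dict) -> bytes:
    """Canonical JSON so the signature covers exactly one byte sequence per payload."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def issue_token(operation: str, params: dict, ttl: int = 120, now: Optional[float] = None) -> str:
    """Bank-side issuance: bind the token to one operation and its parameters, with expiry and nonce."""
    if operation not in ENABLED_OPERATIONS:
        raise PermissionError(f"operation not enabled: {operation}")
    now = time.time() if now is None else now
    payload = {"op": operation, "params": params, "exp": int(now) + ttl, "nonce": secrets.token_hex(8)}
    body = _canon(payload)
    tag = hmac.new(BANK_KEY, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag


def authorize(token: str, operation: str, params: dict, confirmed: bool = False,
              now: Optional[float] = None) -> dict:
    """Bank-side gate: allow only if the token matches this exact request and is unexpired and unused."""
    now = time.time() if now is None else now
    try:
        body_hex, tag = token.split(".", 1)
        body = bytes.fromhex(body_hex)
    except ValueError:
        return {"ok": False, "reason": "malformed"}
    expected = hmac.new(BANK_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return {"ok": False, "reason": "bad_signature"}  # tampered payload or wrong key
    payload = json.loads(body)
    if operation not in ENABLED_OPERATIONS:
        return {"ok": False, "reason": "operation_not_enabled"}  # default deny
    if payload["op"] != operation or payload["params"] != params:
        return {"ok": False, "reason": "scope_mismatch"}  # token cannot be reused for another action
    if now > payload["exp"]:
        return {"ok": False, "reason": "expired"}
    if payload["nonce"] in _used_nonces:
        return {"ok": False, "reason": "replayed"}
    if operation in WRITE_OPERATIONS and not confirmed:
        return {"ok": False, "reason": "confirmation_required"}  # SMS/email step not yet completed
    _used_nonces.add(payload["nonce"])
    return {"ok": True, "reason": "authorized"}


if __name__ == "__main__":
    tok = issue_token("transfer", {"to": "acct-demo", "amount": 25})
    print(authorize(tok, "transfer", {"to": "acct-demo", "amount": 25}))                  # confirmation_required
    print(authorize(tok, "transfer", {"to": "acct-demo", "amount": 99}, confirmed=True))  # scope_mismatch
    print(authorize(tok, "transfer", {"to": "acct-demo", "amount": 25}, confirmed=True))  # authorized
    print(authorize(tok, "transfer", {"to": "acct-demo", "amount": 25}, confirmed=True))  # replayed
```

The `confirmed` flag stands in for whatever record the bank keeps of the customer's SMS or email approval; the point of the ordering is that the token is only consumed on success, so a denied attempt does not burn the customer's approval.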
Deployment
Deploy where your security policy requires
Three deployment models let you choose exactly where MidLyr runs — based on your data classification policy, regulatory requirements, and existing infrastructure.
Option 01
Bank-Hosted
Recommended for most institutions
MidLyr deploys entirely within your infrastructure. All data stays inside your network perimeter. Ideal for institutions with strict data residency requirements or existing cloud environments.
Best for
Tier 1 & 2 banks, institutions with existing cloud environments, strict data residency requirements
Option 02
MidLyr-Hosted
For institutions prioritizing speed
MidLyr operates in our SOC 2 Type II and ISO 27001 certified infrastructure, independently audited annually. Your team retains full audit log access. Fastest path to deployment.
Best for
Fintechs, community banks, institutions without existing cloud infrastructure
Option 03
Hybrid
Split by data classification
Non-authenticated requests (marketing, product discovery) run through MidLyr's infrastructure. Anything touching customer PII routes through your own. Granular control matched to your data classification policy.
Best for
Institutions piloting with a limited scope, or with specific regulatory constraints on PII handling
Compliance
Built on the regulations you already operate under
Audit-ready by design
Every MidLyr action generates a structured log: request origin, authentication method, authorization granted, action taken, timestamp, and outcome. Exportable in formats your compliance team and regulators already accept.
AI action guardrails
Our compliance engine tests against regulations to ensure AI agents cannot offer incorrect advice or make impermissible recommendations. Every AI-generated response touching your products passes through configurable guardrails before reaching the customer.
Your authorization logic, preserved
MidLyr does not replace your existing authorization infrastructure. Requests route through the same validation rules that govern your app and website. An AI agent cannot do anything a logged-in customer couldn't do themselves.
Revocation at any level
Access can be revoked instantly — by the customer from their bank account, the MidLyr dashboard, or the AI tool itself; or by your team from the MidLyr admin panel. Revocation propagates immediately across all connected services.
Security FAQ
Questions your security team will ask
How do you control what actions AI agents can take on behalf of customers?
Banks maintain full control over what actions are exposed through MidLyr. We only enable operations you explicitly configure and approve. Every action is authenticated against your authorization rules and logged — and for sensitive operations, confirmed by the customer before execution.
Does MidLyr run in our infrastructure or yours?
You choose. By default, MidLyr deploys within your infrastructure so you have complete control. For institutions that want faster deployment, we offer SOC 2 Type II and ISO 27001 certified hosting, independently audited. A hybrid model is also available: unauthenticated marketing requests through MidLyr, anything touching PII through your own infrastructure.
Who is responsible if an AI agent performs an incorrect or fraudulent action?
MidLyr provides the authentication and infrastructure layer. You continue to authorize actions using the same rules that govern your website and banking app — MidLyr does not bypass your existing risk controls. Our audit trails give your team full visibility into every request so you can investigate and address any issue.
Does MidLyr store customer banking credentials?
No. Customers authenticate directly with your bank. After authorization, your systems issue an encrypted, request-scoped token. MidLyr never sees passwords, session tokens, account numbers, or any other credentials. The token is specific to the request and cannot be reused for any other purpose.
Can access be revoked?
Yes, immediately. Customers can disconnect MidLyr from their bank account settings, the MidLyr dashboard, or directly from the AI tool. Your team can also revoke access from the MidLyr admin panel. Revocation takes effect immediately across all connected services.
Ready to review?
Bring your security team. We built MidLyr to pass their review.
We provide full security documentation, penetration testing reports, and dedicated time with our engineering team to address every question your CISO and compliance officers have.