Products

Request A Demo

Accelerating Financial Inclusion in India

Making financial services accessible at affordable costs to all creditworthy individuals

How CreditVidya’s SDK works

  • 01

    Download the lender/digital platform app

    Download the application hosting the loan journey. CreditVidya’s SDK is embedded in the app.

  • 02

    Consent to the SDK’s access to data

    A clear, unambiguous consent screen that articulates what data is collected and the purpose for which it will be used is displayed to the user to take his/her consent.

  • 03

    Apply for a loan

    The SDK makes a decision in less than a minute.

  • 04

    Receive the loan amount in your bank account

    Once the loan is approved, the disbursal of the amount is usually instant.

Raising the bar for data security & privacy

DATA SECURITY & PRIVACY

We value the individual’s privacy. To this end, we have designed the data collection process to be consent-driven and privacy-preserving, whilst allowing people to benefit from new-age credit experiences. CreditVidya’s framework significantly enhances the privacy of the end-user, compared to many traditional methods involving intrusive paper trails and extensive human scrutiny.

We are continuously refining our processes to adopt and create higher standards of data privacy, while providing the most robust credit risk assessment solutions.

Privacy by design

Data gathering

Explicit consent is taken from the individual before the data is collected and after informing her about the data that has been collected and its use case (in accordance with the rules governing the Android ecosystem).

  • A clear, unambiguous consent screen is displayed. It clearly articulates what data is collected and the purpose for which it will be used.
  • Data mentioned in the consent screen is collected once the user consents to it. When a user initiates the loan journey the SDK gets invoked.
  • CreditVidya’s SDK accesses only transactional SMSes. They are collected with filters to omit messages containing OTPs, passwords or any similar identifiers.
  • Anonymization or removal of unwanted personally identifiable information (PII) is done at source.
  • A user can revoke the permissions to access his/her data. To do this, they need to go to 'Settings' and disable the permissions granted to the app. These can be re-enabled at any point.
  • Data is encrypted during transmission and at rest.

Data collection

  • SMS

    Collection and monitoring of bulk SMSes (such as the ones sent by "AD-$BANK", "AM-$WALLET", etc.) for credit risk assessment. Personal SMSes or OTP related SMSes are NOT collected.

  • Account-related

    Collection and monitoring of account information to auto-fill data during the application process. It also helps in enriching the overall credit profile of the user.

  • Phone

    Collection and monitoring of specific information about the applicant’s device including the hardware model, operating system and version, unique device identifiers, Wi-Fi information, user profile information and mobile network information.

  • Media

    Collection of meta information of images. The image content itself is neither accessed nor collected.

  • Contacts

    Collection and monitoring of contact information.

  • Location

    Collection and monitoring of information about the location of the applicant’s device.

  • Apps

    Collection and monitoring a list of installed apps on the applicant’s device.

End-to-end security

  • Collection

    Encryption of data at source. Dynamic unique encryption keys, per device.

  • Transmission

    HTTPS APIs only with TLS 1.2 protocol or higher; 256 bit encryption

  • Storage

    PII data stays encrypted throughout its life cycle - from ingestion to disposal and even at rest in our storage systems.

  • Disposal

    Purging and disposal of data is done on client's/lender's request based on their purging policy.

  • Secure processes

    Transform consumer experience and improve operational efficiency.

  • Secure systems

    Subject systems to hardening process and rigorous tests including frequent vulnerability assessments & penetration testing.

  • Secure organizational practices

    People awareness with stringent access control.

  • Annual security trainings

    ISMS training and tests are mandatory for all employees. The Information Security Team at CreditVidya is given additional training.

ISO 27001 Certification

CreditVidya is the one of the few players in the alternative lending ecosystem to be ISO27001 certified, the gold standard in protection requirements for Information Security Management Systems (ISMS).

If you have any questions or concerns on our privacy and security policy, please write to us at security@creditvidya.com

25 million and counting...

Harnessing technology to power an inclusive world.