Independent Research Initiative · TRL 3–4
Governance Principles
Soliidus is an independent research and engineering initiative exploring standards-aligned integrity verification models for modern payment systems. Our public infrastructure posture is intentionally minimal, restrained, and research-oriented. No production financial transactions, interbank payment traffic, or live settlement operations are processed through Soliidus public-facing systems.
Soliidus is currently structured as an independent infrastructure research initiative focused on ISO 20022-aligned payment integrity research, non-invasive message-layer verification models, distributed integrity validation concepts, operational resilience and auditability research, and standards-aligned interoperability exploration. Our work is exploratory and research-oriented in nature.
Operational Philosophy
Integrity First
Integrity and verification should operate alongside modern payment infrastructure without introducing unnecessary operational friction.
Standards Alignment
Research is conducted with awareness of evolving ISO 20022 standards, interoperability requirements, and modern payment system architectures.
Minimalism & Restraint
Public-facing systems are intentionally lightweight and designed to minimise unnecessary complexity, data collection, and operational exposure.
Evidence Before Assertion
Architectural hypotheses must be validated empirically before any production or institutional deployment assumptions are made.
Security By Design
Security, operational discipline, and governance considerations are incorporated from the earliest stages of system design.
Privacy Policy
Data Collection
Soliidus collects only limited information necessary for basic operational communication and website functionality. This may include name, corporate email address, organisation name, technical enquiry details, and basic web server logs.
We do not intentionally collect payment credentials, financial account information, interbank transaction data, live settlement traffic, or production payment telemetry.
Purpose of Processing
Limited enquiry information is used solely for responding to technical enquiries, research collaboration discussions, stakeholder engagement, operational security monitoring, and website administration. Soliidus does not sell personal data and does not operate advertising networks or behavioural profiling systems.
Lawful Basis
Where applicable under UK GDPR, Soliidus processes limited personal information under legitimate interests, consent, and operational security requirements.
Data Retention
| Data Type | Retention Period |
|---|
| Technical enquiries | Up to 12 months |
| Basic server logs | Up to 30 days |
| Security event records | As operationally necessary |
Data Security
Access to enquiry information is restricted to authorised personnel. Reasonable technical and organisational safeguards are used to protect information from unauthorised access, disclosure, loss, or misuse.
International Transfers
Soliidus currently intends to maintain operational data within the United Kingdom where reasonably practicable.
Your Rights
Where applicable under UK GDPR, individuals may request access to personal data, correction of inaccurate data, deletion of personal data, restriction of processing, or objection to processing. Requests may be directed to privacy@soliidus.com.
Security Overview
Security Philosophy
Soliidus adopts a security-conscious engineering posture appropriate for an early-stage infrastructure research initiative. Our public systems are intentionally designed to minimise attack surface area, limit unnecessary data exposure, separate public-facing systems from research environments, and maintain operational simplicity where possible.
Current Security Posture
Current measures may include HTTPS/TLS encryption, domain-level email authentication controls, restricted administrative access, basic access logging, infrastructure segmentation between public and research systems, and controlled repository access. Security controls evolve continuously as the research initiative matures.
Security Research & Validation
Soliidus is currently conducting sandbox validation research, synthetic dataset testing, architecture simulation, operational resilience modelling, and distributed verification research. No live production banking integrations currently exist.
Planned Security Milestones
- Independent security assessments
- Expanded vulnerability management processes
- Formalised operational security procedures
- ISO 27001 readiness activities
- Enhanced access governance controls
These objectives remain subject to organisational growth and operational maturity.
Regulatory Engagement
Soliidus is currently preparing for potential regulatory and innovation engagement activities relevant to payment-system research and interoperability.
Responsible Disclosure Policy
Reporting Security Issues
Soliidus welcomes responsible disclosure of legitimate security vulnerabilities relating to our public-facing systems. Use the secure form below or contact security@soliidus.com directly.
Good Faith Research
We support responsible, ethical, and good-faith security research. Researchers acting responsibly and within the scope of this policy will not be subject to legal action solely for identifying vulnerabilities, responsibly reporting findings, avoiding service disruption, or respecting privacy and confidentiality.
Scope
This policy applies only to public-facing Soliidus systems and services. Out-of-scope activities include:
- Social engineering or phishing attempts
- Denial-of-service attacks
- Physical intrusion attempts
- Accessing or modifying data without permission
- Actions causing operational disruption
Disclosure Process
Researchers are requested to provide sufficient technical detail to reproduce the issue, avoid unnecessary access or data exposure, allow reasonable remediation time before public disclosure, and refrain from exploiting vulnerabilities beyond demonstration purposes.
Response Commitment
Soliidus will make reasonable efforts to acknowledge legitimate reports, investigate responsibly disclosed findings, and communicate remediation progress where appropriate. Response timelines may vary depending on operational capacity and issue severity.
Submit a Disclosure Report
Terms of Use
Informational Purpose
The Soliidus website and associated materials are provided for informational and research discussion purposes only. Nothing on this website constitutes financial advice, legal advice, regulatory assurance, production deployment representation, or institutional partnership confirmation.
Research Status
Soliidus is currently an independent research initiative operating at an early-stage technical maturity level. Architectural concepts, technical hypotheses, and simulation models remain subject to validation, revision, operational feasibility assessment, regulatory considerations, and institutional review.
No Warranty
Materials are provided on an "as available" basis without warranties of any kind. Soliidus makes no guarantees regarding operational availability, interoperability, production suitability, technical completeness, or future implementation outcomes.
Intellectual Property
Unless otherwise stated, Soliidus materials, branding, diagrams, and written content remain the intellectual property of Soliidus Ltd. Unauthorised reproduction or redistribution is prohibited.