Security at aasaan

aasaan security posture is built on the core principles of Integrity, security and simplicity in building applications, Infrastructure and Integrations. Using the latest modern technology stack, following a well-architected framework, and securing information and privacy practices, we ensured aasaan is highly resilient, redundant and fault-tolerant.
Server Security

aasaan is powered by Amazon Web Services. All aasaan systems restrict access to the fewest persons required to maintain them operational. Deployments are automated to all systems, and SSH is disabled on all machines with access to aasaan data to prevent unauthorized access to customer data.


All data exchanged with aasaan is done via the HTTPS protocol.

Data Storage & Access

Live aasaan data is kept in MongoDB on AWS, and access is restricted to systems that require read and write access to the data. We also do incremental, encrypted backups of the MongoDB datastore to Amazon S3 every 10 minutes, which is designed to provide 99.99% data durability in the case of a malfunction or catastrophic failure of MongoDB.

Employee Access

Unless required for support purposes, no aasaan employee will ever see your client data. If you contact us with a support issue that necessitates access to your customer data, we will ask for and wait for your approval before proceeding. We have an audit trail of consumer data access to avoid misuse. We would only access your customer data without your authorization in the event of a rare, emergency service incident that caused a system-wide disruption.

Maintaining Security

Passwords are filtered from all logs and one-way encrypted in the database with bcrypt. Login information is always transmitted via SSL.

Payment Data Safety

When you sign up for a paid account on aasaan, your payment information is sent to Razorpay, a business committed to storing your sensitive data on PCI-compliant servers. Our servers do not store or even see the data of your payment method.

For More Information

If you require any further information or clarifications, please write to us at