Bank-Grade

Security & Privacy

How STET handles your data, ensures auditability, and maintains transparency.

Overview

STET is designed for financial reconciliation where security and auditability are non-negotiable. Our architecture prioritizes:

Desktop-First Processing

Production workflows execute inside the desktop app, not a hosted execution surface.

Full Transparency

Every decision includes evidence links and reasoning.

Deterministic First

Rule-based matching before any ML enhancement.

No Model Training

Your data is never used to train ML models.

Data Handling

In-Memory Processing

Production file processing happens locally in the desktop app. Files are read, parsed, matched, and kept on-device; document content is never written to STET-controlled servers.

No Data Retention

STET does not retain original document content on STET servers. Local app storage may keep on-device review artifacts, caches, and audit outputs so the operator can continue work.

Stateless Architecture

The website/backend handles account, billing, and support surfaces. Production analyst workflows are intentionally outside the hosted request path and run inside the desktop app boundary.

Deterministic Logic

The core matching algorithm is entirely deterministic:

  • Same inputs always produce same outputs. No random seeds, no non-deterministic ordering.
  • Rule-based matching runs first. Passes 1-3 use exact thresholds (85% similarity, ±3 days, etc.).
  • ML enhances, never fabricates. Semantic matching only provides similarity scores; it doesn't invent matches.

Reproducibility Commitment: Given the same input files and thresholds, STET will produce identical results every time. This is verified via the file hash in the audit certificate. Accuracy of results depends on the quality and completeness of input data.

ML Transparency

STET uses a pre-trained sentence transformer model for semantic matching. Here's what you need to know:

Model Used

sentence-transformers/all-MiniLM-L6-v2

A small, efficient model for computing text embeddings. Open-source and widely audited.

No Training on Your Data

The model is pre-trained and frozen. Your transaction descriptions are used only for inference (computing embeddings). They are never stored, logged, or used for training.

No AI Fabrication

Unlike generative AI, semantic matching computes similarity between existing texts. It does not generate or fabricate transactions. Final verification remains the analyst's responsibility.

Auditability

Every audit produces a certificate that enables third-party verification:

  • File Hash: SHA-256 of combined input files
  • Threshold Configuration: Similarity %, date tolerance, etc.
  • Match Log: Every match with pass used and confidence score
  • Discrepancy List: Every flagged item with reasoning
  • Timestamp: ISO 8601 completion time

Anyone with the same input files can re-run the audit and verify they get identical results.
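
The input-file check a third-party verifier could run before re-running an audit, as an added example that is not STET's own code. The page does not say how files are combined or how the certificate is laid out, so the sorted, length-prefixed combination and the `file_hash` field name are assumptions made for this sketch.

```python
import hashlib
import hmac
import json


def combined_sha256(files: dict[str, bytes]) -> str:
    """SHA-256 over a set of input files (assumed combination scheme).

    Files are hashed in sorted-name order so the result does not depend on
    the order they were supplied in. Each name and body is length-prefixed
    so bytes cannot be moved across a file boundary without changing the digest.
    """
    h = hashlib.sha256()
    for name in sorted(files):
        name_bytes = name.encode("utf-8")
        body = files[name]
        h.update(len(name_bytes).to_bytes(8, "big"))
        h.update(name_bytes)
        h.update(len(body).to_bytes(8, "big"))
        h.update(body)
    return h.hexdigest()


def verify_inputs(certificate_json: str, files: dict[str, bytes]) -> bool:
    """Return True only if the files match the certificate's recorded hash."""
    cert = json.loads(certificate_json)
    expected = cert.get("file_hash")  # hypothetical field name
    if not isinstance(expected, str):
        return False  # a certificate without a hash verifies nothing
    actual = combined_sha256(files)
    return hmac.compare_digest(
        actual.encode("ascii"), expected.strip().lower().encode("utf-8")
    )


# Constructed sample inputs and certificate, for illustration only.
SAMPLE_FILES = {
    "bank.csv": b"2024-01-05,ACME LTD,120.00\n",
    "ledger.csv": b"2024-01-04,Acme Limited,120.00\n",
}
SAMPLE_CERT = json.dumps({
    "file_hash": combined_sha256(SAMPLE_FILES),
    "thresholds": {"similarity_pct": 85, "date_tolerance_days": 3},
})
```

A mismatch means the files on hand are not the ones the certificate describes, so any difference in re-run results cannot be attributed to the matching engine.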

Deployment Options

Desktop App (Recommended)

The primary production deployment model. Users run STET locally with the engine embedded in the desktop app.

On-Premise

Air-gapped and enterprise-managed deployments remain available where buyers require infrastructure control.