Bank-Grade

Security & Privacy

How STET handles your data, ensures auditability, and maintains transparency.

Overview

STET is designed for financial reconciliation where security and auditability are non-negotiable. Our architecture prioritizes:

Zero Persistence

Data is processed in memory and never stored on our servers.

Full Transparency

Every decision includes evidence links and reasoning.

Deterministic First

Rule-based matching before any ML enhancement.

No Model Training

Your data is never used to train ML models.

Data Handling

In-Memory Processing

All file processing happens in memory. Uploaded files are read, parsed, matched, and discarded. No data is written to disk or persisted in any database.

No Data Retention

After an audit completes, the only output is the audit certificate and results JSON. The original files are not retained. To re-run an audit, you must upload the files again.

Stateless Architecture

The backend is stateless. Each request is independent. There's no session, no user account, and no persistent storage of user data.

Deterministic Logic

The core matching algorithm is entirely deterministic:

  • Same inputs always produce the same outputs. No random seeds, no non-deterministic ordering.
  • Rule-based matching runs first. Passes 1-3 use exact thresholds (85% similarity, ±3 days, etc.).
  • ML enhances, never fabricates. Semantic matching only provides similarity scores; it doesn't invent matches.

Reproducibility Guarantee: Given the same input files and thresholds, STET will produce identical results every time. This is verified via the file hash in the audit certificate.

ML Transparency

STET uses a pre-trained sentence transformer model for semantic matching. Here's what you need to know:

Model Used

sentence-transformers/all-MiniLM-L6-v2

A small, efficient model for computing text embeddings. Open-source and widely audited.

No Training on Your Data

The model is pre-trained and frozen. Your transaction descriptions are used only for inference (computing embeddings). They are never stored, logged, or used for training.

No Hallucinations

Unlike generative AI, semantic matching computes similarity between existing texts. It cannot "make up" transactions or create false matches.

Auditability

Every audit produces a certificate that enables third-party verification:

  • File Hash: SHA-256 of combined input files
  • Threshold Configuration: Similarity %, date tolerance, etc.
  • Match Log: Every match with pass used and confidence score
  • Discrepancy List: Every flagged item with reasoning
  • Timestamp: ISO 8601 completion time

Anyone with the same input files can re-run the audit and verify they get identical results.
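
The third-party check described above, written as an added example (not STET's own code): it confirms the input files match the certificate's file hash, then compares a re-run certificate against the original while ignoring the timestamp, which differs on every run. The certificate field names and the way files are combined before hashing are assumptions, since this page does not document STET's schema.

```python
import hashlib

# Hypothetical certificate field names; STET's real schema is not shown on this page.
REPRODUCIBLE_FIELDS = ("file_hash", "thresholds", "matches", "discrepancies")

def combined_sha256(files):
    """SHA-256 over all input files (name -> bytes).

    Assumption: files are hashed in sorted-name order, each prefixed with its
    length so that moving bytes from one file to the next changes the digest.
    """
    h = hashlib.sha256()
    for name in sorted(files):
        h.update(len(files[name]).to_bytes(8, "big"))
        h.update(files[name])
    return h.hexdigest()

def verify(original, rerun, files):
    """Return findings; an empty list means the re-run reproduces the audit."""
    findings = []
    if original.get("file_hash") != combined_sha256(files):
        findings.append("input files do not match certificate file_hash")
    # The timestamp is deliberately excluded: it changes on every run.
    for field in REPRODUCIBLE_FIELDS:
        if original.get(field) != rerun.get(field):
            findings.append(f"{field} differs between original and re-run")
    return findings

# Constructed sample data, not real STET output.
FILES = {
    "bank.csv": b"2024-01-05,ACME LTD,100.00\n",
    "ledger.csv": b"2024-01-04,Acme Limited,100.00\n",
}
ORIGINAL = {
    "file_hash": combined_sha256(FILES),
    "thresholds": {"similarity_pct": 85, "date_tolerance_days": 3},
    "matches": [{"bank_row": 1, "ledger_row": 1, "pass": 2, "confidence": 0.91}],
    "discrepancies": [],
    "timestamp": "2024-01-10T12:00:00Z",
}
RERUN = dict(ORIGINAL, timestamp="2024-01-11T09:30:00Z")

if __name__ == "__main__":
    print(verify(ORIGINAL, RERUN, FILES) or "audit reproduced")
```

A non-empty result names which part failed to reproduce, which separates "wrong input files" from "same files, different outcome".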

Deployment Options

Self-Hosted (Recommended)

Run STET entirely on your infrastructure. Docker Compose makes deployment simple. No external calls.

On-Premise

Air-gapped deployment option available. Contact us for enterprise licensing.