Engineered for Indian banking realities.
CBS-agnostic. Multi-tenant. Air-gap-ready. Built so your operations team can run it.
CortexData runs as your full-stack lending OS or as a layer over your existing CBS. The same platform code deploys on AWS Mumbai, your private data centre, or air-gapped on-prem. We optimised for the way Indian banks actually run technology — not the way Silicon Valley vendors think they should.
- TypeScript microservices on Postgres + Prisma; Python for ML
- CBS-agnostic adapter port: Finacle, Flexcube, BaNCS, or native ledger
- Multi-tenant from day one — soft or hard isolation
- AWS ap-south-1 with Terraform, or air-gapped on-prem K8s
- Prometheus + Grafana observability, alert rules included
- RBI data-localisation by design — data never leaves India
- 01TypeScript microservices on Postgres + Prisma; Python for ML
- 02CBS-agnostic adapter port: Finacle, Flexcube, BaNCS, or native ledger
- 03Multi-tenant from day one — soft or hard isolation
- 04AWS ap-south-1 with Terraform, or air-gapped on-prem K8s
The shape of the platform.
Each capability below is real architecture, not a marketing promise. We'll walk you through the deployment topology and show you the running stack on a discovery call.
CBS-agnostic adapter port
Same business logic against Finacle, Flexcube, TCS BaNCS, or a CortexData-native double-entry ledger. Switch CBS without touching origination or LMS code.
Microservices boundaries
API Gateway, LOS, LMS, CLO, Co-Lending, PTC, KYC, CBS Integration, Reports, Notifications. Independent deploy + scale per service.
Postgres + Prisma seam pattern
Postgres for OLTP. Every service exposes a narrow Prisma seam port — testable in-memory in CI, swapped to real DB in production. 12 production seam adapters today.
Multi-tenant from day one
Per-tenant configuration: PSL targets, sanction matrix tiers, exposure caps, languages, KYC vendors. Shared compliance core. One platform, many institutions.
AWS Mumbai (ap-south-1) by default
Pre-built Terraform for AWS ap-south-1. Multi-AZ Postgres, S3 Object Lock for audit retention, KMS-managed secrets, ALB + WAF, VPC with isolated subnets.
Or run on your hardware
Same Kubernetes manifests work on private cloud, VMware, or bare-metal. We've shipped to UCBs running their own data centres in tier-2 cities.
Observability built-in
Prometheus metrics on every state transition. Alert rules for stuck queues, NPA breaches, reconciliation gaps. Grafana dashboard JSON ships with the platform.
Security posture
OWASP-aligned controls, secrets in KMS / HashiCorp Vault, mTLS between services, RBAC + maker-checker at the application layer, VAPT-tested.
Data locality + encryption
RBI data-localisation by design — all customer data stays in India (ap-south-1 or on-prem). At-rest encryption (KMS), in-transit (TLS 1.3), field-level for PII.
EN · ಕನ್ನಡ · हिंदी
Multi-language as a first-class architectural concern: locale resolution at request boundary, ICU-based formatters for ₹ + Indian dates, three-language artefact rendering.
Three ways to run CortexData.
AWS Mumbai (ap-south-1)
- Multi-AZ Postgres (RDS or Aurora)
- S3 Object Lock for audit retention
- ALB + WAF + Shield
- KMS-managed secrets, VPC isolation
- EKS cluster with managed node groups
- Pre-built Terraform module
Private cloud / on-prem
- Kubernetes (vanilla or OpenShift)
- Postgres (HA, your distribution)
- MinIO for audit archive (WORM enabled)
- Prometheus + Grafana on-cluster
- Air-gap mode for fully-isolated networks
- Helm charts + manifests provided
Hybrid
- Origination on cloud, LMS on-prem
- Or non-prod on cloud, prod on-prem
- Cross-network mTLS service mesh
- Audit aggregation to a central sink
- Migration runbooks shipped
- Full data-locality preserved
Frequently asked questions
Walk through the architecture with our team.
We'll show you the running deployment topology, the CBS adapters, the audit-chain wire-up, and the multi-tenant configuration on a 60-minute architecture deep-dive.