Trust
Trust, Security, and SLA
Platform availability, security posture, certifications, and data residency — for institutional buyers and investors conducting operational diligence.
Service Level
SLA Architecture
99.9%
Platform availability target
At the MCX platform layer
Tier-III
Colocation certification
99.982% facility availability
Sev 1–3
Incident classification
Defined response timelines
The MCX 99.9% availability target applies to the MCX platform layer (core network, BSS, Activate). Host MNO network availability is governed by MCX’s agreements with its host MNO partners and is outside the direct MCX platform SLA. The host MNO SLA boundary is documented in the operational agreement.
Security Posture
Security Architecture
Application security
- API authentication and authorisation controls
- Input validation and output encoding
- Dependency vulnerability scanning
- Secure code review process
Network security
- Network segmentation and micro-segmentation
- Intrusion detection and prevention
- DDoS mitigation
- Encrypted transport (TLS 1.2+)
Infrastructure security
- Tier-III certified colocation facility
- Physical access controls
- 24/7 monitoring
- Redundant power and connectivity
Certifications
Certifications Roadmap
MCX is a pre-launch platform. No certifications are currently held. The roadmap below represents the intended certification path. This disclaimer is provided for transparency.
| Certification | Target | Status |
|---|---|---|
| ISO/IEC 27001 | Year 1 | Not yet initiated |
| NDPA registration | On launch | In progress |
| PCI DSS | Year 1 (conditional on payment services) | Not yet initiated |
| SOC 2 Type II | Year 2 | Planned |
| TM Forum flow-through | On launch | In progress |
Incident Response
Incident Classification and Response
| Severity | Definition | Initial response target | Communication |
|---|---|---|---|
| Severity 1 | Platform-affecting: subscribers unable to access service | Immediate (24/7) | Status page + direct MVNO notification |
| Severity 2 | Service-degraded: partial service or performance impact | 4 hours | Status page update |
| Severity 3 | Non-service-affecting: minor issues or monitoring alerts | Next business day | Ticket system |
Frequently asked questions
Technical due diligence?
Detailed security documentation, architecture diagrams, and SLA terms are available under NDA. Book a scoping call to begin.