Built with teams who ship under pressure

Stop duct-taping your PUI integration

Most “PUI offers” stop at a slide deck and a generic connector. We deploy a hardened Go middleware that already encodes the three search phases, match notifications, biometric crypto, and an audit chain your CISO can actually review—running on your metal or ours, with four real ways to plug your customer registry.

Talk to an architect arrow_forward Security audits

Illustration: secure PUI middleware connecting an institution’s registry to the identity platform with encrypted data flows.

fact_check

Technical controls baked into the product

Why teams pick us over “another PUI vendor”

The market is noisy. Here is the concrete edge you get when the same engineers who wrote the checklist also run your cutover.

Evidence, not vibes

Reproducible security cycles (SAST/DAST/SCA) with sign-off—not a PDF that ages the day after delivery. Your risk committee gets artifacts, not promises.

Four registry patterns, day one

Direct SQL (MySQL/Postgres/Oracle/SQL Server), HTTPS API with mock, batch SFTP on the roadmap, lab mocks—most competitors push one path and force you to refactor.

Data stays where you say

On-prem, your cloud, hybrid, or managed by us with the same binary. No surprise egress to vendors you never approved.

Architects on the call—not a call center

You talk to the people who homologate sandbox → prod flows, tune adapters, and answer “why did the phase timer fire?” at 2 a.m.

Sensitive flows get human eyes

Multi-match edge cases, admin MFA, extended audit metadata—because automation alone is not enough when reputations are on the line.

Reference topology—yours will match your policies

Illustration for decks & approvals

Reference diagram: reverse proxy, application tier, database, and TLS links toward the platform.

Deploy it your way

dns

On-premise / your cloud

Docker + PostgreSQL + nginx on your Linux VMs. Full control of disks and backups; optional hard switch so nothing phones home to hyperscalers.

cloud

Managed by Web Cuántica

We run hardened stacks with CI/CD and monitoring. Scope, cadence, and commercials are shaped only through our contact channel—no self-serve black box.

hub

Hybrid

Split tiers when internal policy demands it—compute in cloud A, database in datacenter B, still one coherent release train.

What ships in the box

sync_alt

Report lifecycle

Activate, update, deactivate from PUI; resync after outages; purge personal data when a case closes.

travel_explore

Three search phases

Basic, historical, continuous—implemented the way the integration spec expects, including explicit historical close.

notifications_active

Live match signals

Tell PUI immediately when your registry overlaps with an active disappearance report.

lock

Modern crypto & auth

Mutual JWT, AES-256-GCM for biometrics, TLS 1.2+, structured logs with PII masking so operators sleep better.

history_edu

Tamper-evident logs

Chained HMAC audit trail for ops and admin actions—because “trust me” is not a control.

integration_instructions

OpenAPI + adapters

Documented HTTP surface and adapters so your core banking/CRM does not need a rewrite on day zero.

Four registry patterns—pick yours

We meet your legacy where it lives. Swap adapters without rewriting the whole compliance story.

A — Direct SQL	MySQL, PostgreSQL, Oracle, or SQL Server via hardened, battle-tested drivers.
B — HTTPS REST API	Contract-first API on your side; we ship the HTTP adapter plus a mock for sandbox drills.
C — SFTP batch	Nightly CSV drops when batch is the only channel that survives procurement—already on the delivery roadmap.
D — Mock / lab	In-memory endpoints so QA can rehearse flows before production keys exist.

Engineering depth you can defend in a room

Pretty diagrams are cheap. These are the properties we prove before we ask you to cut traffic.

Binary-first delivery: migrations embedded, predictable upgrades, no mystery tarball from a random CI job.
Checklist traceability down to CK-01…CK-30 with runbooks—not a spreadsheet that lives in someone’s inbox.
Attack-surface discipline: Go + minimal container, observability hooks your SOC already knows how to ingest.
Same behavior in air-gapped-style stacks: documented secret backends, no accidental coupling to a vendor console.

Operations team monitoring production dashboards with verification and trust metaphors.

From keys to confident cutover

1
Institutional identity (e.firma + Llave MX) for whoever signs with government platforms.
2
Technical credentials + fixed egress IP coordinated with SEGOB operators.
3
Sandbox rehearsal: login, test report, full phase 1→3 dance, deactivate.
4
Production evidence pack: scanners at zero findings per our bar, TLS hardening, audit chain live.

Ready for a PUI story you can demo and defend?

Bring engineering, security, and ops—we’ll show the same artifacts we use on our own go-lives: specs, checklists, and signed test evidence.

Book the deep-dive Security audits