Enterprise — TDS Risk

Core capabilities

Everything you need to ship to production.

Not a platform to migrate to — a signal layer that drops into the architecture you already have.

⚡

Real-time API

Live carrier-derived signals in under two seconds. No stored data, no enrichment hops.

✓

Full audit trail

Unique request ID, response payload, and audit link on every check.

🔑

Secure key management

Multiple scoped API keys, role-based access, sandbox and production environments.

📈

High-volume processing

Designed for sustained throughput with load balancing and rate-limit headers.

◎

Batch & bulk support

Structured workflows for high-volume validation and back-book analysis.

⛁

Data control

Retained or deleted according to your retention policy — not ours. Deletion is verifiable.

🇬🇧

UK data residency

All processing inside the UK, aligned with UK GDPR, registered with the ICO.

🛡

Security

2FA-enabled access, IP whitelisting, scoped API authentication, session controls.

Reliability

Built for consistency, not just availability.

Uptime is table stakes. What matters for decisioning is predictable latency under real load.

Performance, measured in real terms.

Your risk decisions are only as fast as your slowest dependency. TDS Risk is architected to stay well inside the latency budget you've already allocated — so checks happen at the point of decision, not around it.

✓Sub-2-second response at p95
✓Rate limiting and traffic control per key
⌛Retry-safe request handling (coming soon)
✓Infrastructure designed for continuous operation
✓Live status page and incident history

live_performance_sla.json LIVE

statusOPERATIONAL

p50_latency340 ms

p95_latency< 2 seconds

success_rate99.9%

audit_coverage100%

data_residencyUK

uptime_30d99.98%

Carrier coverage — live

vodafone_uk ee o2_uk three_uk

// p95 is measured across production traffic,
// including peak-hour load. Retry-safe request
// handling ships Q2 2026.

Integration

Sits upstream of the stack you already run.

You keep your architecture, your decisioning logic, and your data flows. TDS Risk adds a real-time signal layer where it matters — before cost, before verification, before risk moves downstream.

✓REST API with JSON — no proprietary SDKs required
✓Webhooks for async event-driven architectures
✓Sandbox environment with test keys same-day
✓No footprint on credit file — pre-verification safe
✓FCA Consumer Duty-ready audit trail by default
✓Compatible with existing bureaux and KYC platforms

What makes it different

Enterprise capability doesn't have to mean complexity.

Batch processing, stored data, and delayed checks all make the same compromise — the decision is made after cost has already been incurred.

TDS Risk is built around the opposite idea. Every signal is live. Every check is at the point of decision. Risk is addressed before verification, before fulfilment, before exposure moves downstream.

1

Signal captured

Mobile number reaches your application

2

TDS Risk check (<2s)

Live carrier signals, Trust Score, reason codes

< 2s p95

3

Your decisioning runs

Score routes the request — or stops it here

4

Downstream stack engaged

Only for requests that earned the cost

Security & governance

Designed to pass procurement the first time.

The controls, documentation, and data-handling practices that InfoSec and legal teams ask for — surfaced up front, not after a signed NDA.

🛡 Access & identity

✓2FA enforced on all console logins

✓Role-based access per workspace

✓Multiple scoped API keys per use case

✓Optional IP whitelisting per key

✓Sandbox and production isolated

⛁ Data handling

✓All processing performed in the UK

✓Registered with the ICO (ZB300553)

✓UK GDPR-aligned retention controls

✓Configurable deletion policies

✓No data shared with third parties

🔐 Transport & storage

✓TLS 1.2+ across all endpoints

✓Encryption at rest for stored results

✓Hashed and scoped credential storage

✓No PII in URLs or query strings

✓Secrets never logged server-side

📋 Audit & traceability

✓Unique request ID on every response

✓Full response payload retained

✓Per-request audit link for reviewers

✓Immutable log of check history

✓Exportable audit trail on demand

◈ Availability

✓Continuous monitoring and alerting

✓Public status and incident history

✓Rate-limit headers on every response

✓Graceful degradation on upstream load

⌛Retry-safe handling (coming soon)

£ Commercial

✓Flat community pricing — no volume tiers

✓No contracts, no minimums, no overages

✓Credits never expire

✓Self-serve top-up or invoiced billing

✓DPA & questionnaire on request

Procurement at a glance

For legal, InfoSec & vendor onboarding.

The facts your procurement team will ask for. Keep this page open — or send it to them directly.

Legal entity

The Data Supermarket LtdTrading as TDS Risk

Companies House

13855926England & Wales

ICO registration

ZB300553

Registered office

14 Upper Barker Street, Liversedge, WF15 7HF

Data residency

UK onlyNo transfers outside UK

Carrier coverage

Vodafone · EE · O2 · Three

Support hours

Mon – Fri · 09:00 – 18:00 UKAPI available 24/7

DPA / InfoSec pack

Request on demand →

Enterprise FAQ

Questions procurement asks.

If it's not here, ask us directly — we reply within one UK business day.

What is the response time at peak load?

Every request returns carrier-derived signals in under two seconds under typical and peak load. There is no stored data, no enrichment chain, and no batch queue between the request and the answer. p50 sits around 340 ms in production.

Where is data processed and stored?

All processing is performed within the United Kingdom. We operate under UK GDPR and are registered with the Information Commissioner's Office (ICO Reg. ZB300553). Data residency and retention can be discussed on a per-customer basis.

Do we need a long-term contract or minimum volume?

No. Enterprise customers use the same flat community pricing as everyone else: £0.35 per Trust Score check, £0.45 per Mobile KYC check. No minimums, no contracts, no volume tiers, no overages. Credits never expire.

How do we separate staging from production?

Every account supports multiple API keys with scoped permissions, distinct sandbox and production environments, role-based access control, 2FA, and optional IP whitelisting per key.

Does TDS Risk affect credit files?

No. TDS Risk sits upstream of credit bureaux, fraud bureaux, and KYC platforms. Checks do not leave a footprint on the subject's credit file, which means you can run them pre-verification without consequence.

How is audit and traceability handled?

Every request is logged with a unique request ID, the full response payload, and an audit link. This creates end-to-end traceability across your internal systems and any external reviewers — auditors, regulators, or your own second line.

Can we get a DPA, security questionnaire, or pen-test summary?

Yes. A standard DPA template, our completed security questionnaire, and summary documentation are available on request. Contact us and we'll send them over.

What happens if a check needs to be deleted?

Deletion is supported and verifiable. Retention is configurable per account, and individual records can be removed on request to support subject access and right-to-erasure workflows under UK GDPR.

Get started

Run a real check in under five minutes.

No sales gate, no trial window, no scheduled demo. Sign up, drop a number in, see the response. Then we'll talk.

Start with the quickstart Read the docs

⚡

Getting started

First check in 10 minutes. Postman, cURL, and Node examples.

Open quickstart →

📋

Reason codes reference

Every signal we return, what it means, and when to act on it.

Browse reason codes →

🟢

System status

Live API uptime, carrier connection status, and incident history.

View live status →

Built for real-time decisioningat enterprise scale.