If you’d like to see a full list of AWS compliance programs, please click here: https://aws.amazon.com/compliance/pci-data-privacy-protectionhipaa- soc-fedramp-faqs/
For more information about AWS data centre controls, please click here: https://aws.amazon.com/compliance/data-center/controls
Our systems are hardened to protect against Distributed Denial of Service (DDoS) attacks and man-in-the-middle attacks. Our reputable registrars are able to defend against domain hijacking and “phishing” exploits.
Through rigorous and constant penetration testing, we’re able to detect vulnerabilities such as code injection and cross-site scripting.
All network traffic uses bank-grade encryption, so your confidential information protected. We use industry best practices for encryption key storage and security.
We have an ISO/IEC 27001:2013 certification, which is a highly regarded international standard for Information Security Management Controls (ISMC). As well, our ISMC is independently audited.
We are fully compliant with the UK Data Protection Act (DPA) and the European Union General Data Protection Regulation (GDPR) for the management of personal data.
We use a hierarchical security model combined with two-step authentication. For sensitive systems, we go a step further by incorporating multi-factor authentication. As well, we constantly monitor for suspicious behavior with 24/7 logging and auditing
Our provider (Currencycloud) is authorized by the Financial Conduct Authority for issuing of electronic money and the provision of payment services with FCA registration number 900199. Currencycloud is registered with FinCEN and is authorized in 22 states to transmit money.