Security - Your Security & Privacy Matters
We understand the importance of securing financial data so security is at the core of our product. If you have any questions or concerns, please email us at security@paymints.io.
Encryption of sensitive data and personal information
We use AES-256, which has a key length of 256 bits. This supports the largest bit size & is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard.
Secure third party vendors
Our third party vendors take security as seriously as we do. We are partnered with industry leading organizations who undergo routine security checks to test the efficiency and effectiveness of their security controls. For a list of third party vendors and their security profiles, please email security@paymints.io.
We are covered
We have insurance in place to cover cyber related criminal activity that may result in the loss of money. For specifics on our insurance coverage, please email security@paymints.io.
Routing and account numbers are not visible, stored or shared
Unlike wire transfers, routing and account numbers are not stored in paymints.io. Using a secure, third party integrator, users connect their bank or financial institution over a secure, encrypted channel that is not available to paymints.io. Paymints.io does not store or have access to users’ online banking user name or password. Paymints.io cannot access users’ bank accounts, initiate transfers or refunds, or conduct any transactions without the verified account owner initiating and confirming a transfer. Multiple factors are used to validate that the user is the owner of the bank account before a transfer can be initiated. Once a transfer is initiated, paymints.io cannot change or update the amount of the transfer. Paymints.io utilizes a secure, regulated third party to clear the transfer between the source and destination accounts.
Secure connections using HTTPS
Our SSL certificate gives us SSL/TLS encryption on both the user-facing public website used to transfer funds as well the tenant-facing private admin dashboard.
SMS
Authentication
Users and tenant admins are authenticated using secure passwordless authentication instead of being authenticated based on their email and password. The benefit of this method is that it requires the users to have both the correct cell phone number and the physical phone in their possession.