Enterprise-Grade Security
Protecting sensitive financial and identity data is our top priority. Learn about the comprehensive security measures we implement to keep your data safe.
Security Measures
Multiple layers of protection for your sensitive data
Encryption at Rest
All data is encrypted using AES-256 encryption. Sensitive PII is stored in dedicated secure vaults with additional encryption layers.
Encryption in Transit
All connections use TLS 1.3 encryption. We enforce HTTPS everywhere and use certificate pinning for mobile applications.
Access Control
Role-based access control (RBAC) ensures users only access data they need. All access is logged and auditable.
Multi-Factor Authentication
MFA is required for all platform users. We support authenticator apps, hardware keys, and SMS backup codes.
Infrastructure Security
Hosted on SOC 2 compliant infrastructure with DDoS protection, WAF, and network isolation between tenants.
Threat Detection
Real-time monitoring for anomalous activity, automated threat response, and 24/7 security operations.
PII Handling
How we protect personally identifiable information
| Data Type | Storage Method | Access Control |
|---|---|---|
| SSN | SHA-256 hash + encrypted vault | Verification providers only |
| Hashed in database | Secure viewer with audit log | |
| Phone | Hashed in database | Secure viewer with audit log |
| ID Documents | AES-256 encrypted storage | Time-limited secure URLs |
Certifications & Compliance
Our ongoing commitment to security standards
SOC 2 Type II
Security, availability, and confidentiality controls
Target: Q4 2026
SOC 2 Type I
Initial security controls assessment
Target: Q2 2026
ISO 27001
Information security management system certification
Target: 2027
Incident Response SLAs
Our commitment to rapid response when issues arise
| Severity | Response | Resolution |
|---|---|---|
| Critical | 15 minutes | 4 hours |
| High | 30 minutes | 8 hours |
| Medium | 2 hours | 24 hours |
| Low | 8 hours | 72 hours |
Report a Vulnerability
We appreciate responsible disclosure of security issues
If you discover a security vulnerability, please report it to:
security@verit.ioWe will acknowledge receipt within 24 hours and work with you to understand and resolve the issue.