Hydrogen Achieves SOC 2 Type 2 Compliance - Hydrogen
Hydrogen Achieves SOC 2 Type 2 Compliance

Hydrogen Achieves SOC 2 Type 2 Compliance

Hydrogen has been certified as SOC 2 Type 1 and Type 2 compliant by industry leading auditing firm Armanino! With this new milestone, Hydrogen becomes one of the earliest stage companies in the entire SaaS industry to get this prestigious level of security compliance. We strongly believe in transparency. Thus, you can download the report on our website below:

This audit was nearly a year long endeavor. The auditing firm looks at over 200 items when measuring SOC 2 compliance in the following categories:

  • Control Environment
  • Logical and Physical Access Controls
  • Control Activities
  • Communication and Information
  • Risk Mitigation
  • Risk Assessment
  • Additional Criteria for Availability
  • Additional Criterial for Confidentiality
  • System Operations
  • Change Management

SOC 2 Background

The System and Organization Controls (SOC) are standards created by the American Institute of CPAs (AICPA). There are three types of SOC reports, including SOC 1 (financial controls), SOC 2 (very detailed audit of a company’s security controls), and SOC 3 (very condensed version of the SOC 2 meant for public consumption).

Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy. These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems.

Similar to a SOC 1 report, there are two types of reports: A type 2 report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls; and a type 1 report on management’s description of a service organization’s system and the suitability of the design of controls. Use of these reports are restricted.

These reports can play an important role in:

  • Oversight of the organization
  • Vendor management programs
  • Internal corporate governance and risk management processes
  • Regulatory oversight

Hydrogen Compliance Standards

Hydrogen is now compliant with the following standards:

  • SOC 2 Part1 and Part 2
  • PCI Level 2
  • CCPA
  • Reg B, Reg E, Reg Z, UDAAP, and FCRA

When you sign up for Hydrogen and use our Debit or Credit products, we roll up your card programs under these compliance standards, saving you over $250k per year in fees, and thousands of hours dealing with auditors!

hydrogen

Embedded Finance Made Simple
The Crypto Spend Card is issued by Pathward, N.A., Member FDIC, pursuant to a license from Visa U.S.A. Inc. The Crypto Spend Card may be used everywhere Visa debit cards are accepted.

The Crypto Spend Card is not currently available in Hawaii.

The Select Visa® Card is issued by Pathward, N.A., Member FDIC, pursuant to a license from Visa U.S.A. Inc. The Select Visa® Card may be used everywhere Visa debit cards are accepted.

The Select Prepaid Mastercard® is issued by Pathward, N.A., Member FDIC, pursuant to license by Mastercard International Incorporated. Mastercard® is a registered trademark, and the circles design is a trademark of Mastercard International Incorporated. The Select Prepaid Mastercard® may be used everywhere Debit Mastercard® is accepted.

Cash back and other merchant rewards are not offered or endorsed by Pathward, N.A.

Cryptocurrency custody services and the purchase, sale, or exchange of fiat funds for cryptocurrency are not offered or endorsed by Pathward, N.A. Cryptocurrency transaction and custody services are powered by Zero Hash LLC and Zero Hash Liquidity Services LLC. You must agree to the Zero Hash LLC and Zero Hash Liquidity LLC terms and conditions to enable your Zero Hash account. Cryptocurrency balances are not covered by FDIC or SIPC insurance.

Digital assets are subject to a number of risks, including price volatility. Transacting in digital assets could result in significant losses and may not be suitable for some consumers. Digital asset markets and exchanges are not regulated with the same controls or customer protections available with other forms of financial products and are subject to an evolving regulatory environment. Digital assets do not typically have legal tender status and are not covered by deposit protection insurance. The past performance of a digital asset is not a guide to future performance, nor is it a reliable indicator of future results or performance.
By using this website, you agree to our use of cookies, and you acknowledge that you have read and understand our Privacy Policy and Terms of Use   Continue
Close Menu