Hydrogen prides itself on having world class security of your customers' financial data.
Hydrogen uses a 256 bit SSL encrypted connection from AWS to secure the transmission and storage of your private information. All PII data is encrypted at rest and in transit. All API connections must be HTTPS.
Hydrogen's cloud servers are hosted at industry leader Amazon Web Services (AWS). Amazon VPC and API access is through ALBs running WAF, with enhanced OWASP. Security events are monitored by Cloudwatch.
Hydrogen uses OAuth 2.0 authorization. Our access control list has eight authorities and four permission types for sensitive data. Google Authenticator MFA is installed for all sensitive authorizations.
Industry Leading Testing
Hydrogen performs yearly third-party API penetration tests with Coalfire. Continuous code quality reviews and static code analysis are done with SonarCube. Periodic vulnerability scanning is performed with Netsparker.
Hydrogen offers PCI Level 2 certification for all Cards users. This means all of your card data is encrypted and stored in a compliant manner, savings you thousands of dollars on compliance.
SOC2 & CCPA Compliance
Hydrogen offers SOC2 & CCPA compliance to all users. This means all of your PII is encrypted and presented in a compliant manner, savings you thousands in potential legal fees.