Security & Anti-Fraud
Hydrogen prides itself on having world class security and anti-fraud policies to protect your customers' financial data.
Hydrogen offers SOC2 certification to all users. This means we have passed through an extensive year-long 3rd party audit of all our security policies and technology systems.
Hydrogen offers PCI Level 2 certification on all debit programs. This means all of your card data is encrypted and stored in a compliant manner, savings you thousands of dollars on compliance.
Enhanced KYC & AML
Hydrogen has added layers of anti-fraud and AML on top of standard bank systems, so you won't lose millions on product launch patching holes. This includes leading tools such as biometric face scans, document verification, and user behavior tracking.
Fraud Blocks & Flagging
Hydrogen not only provides the framework to flag potential fraud, but also automates orchestrations across the platform to follow through. This includes blocking fraudulent users, removing bank links, declining transactions, closing cards, unloading funds, and more.
Hydrogen uses a 256 bit SSL encrypted connection from AWS to secure the transmission and storage of your private information. All PII data is encrypted at rest and in transit. All API connections must be HTTPS.
Hydrogen's cloud servers are hosted at industry leader Amazon Web Services (AWS). Amazon VPC and API access is through ALBs running WAF, with enhanced OWASP. Security events are monitored by Cloudwatch.
Hydrogen uses OAuth 2.0 authorization. Our access control list has eight authorities and four permission types for sensitive data. Google Authenticator MFA is installed for all sensitive authorizations.
Industry Leading Testing
Hydrogen performs yearly third-party API penetration tests with Coalfire. Continuous code quality reviews and static code analysis are done with SonarQube. Periodic vulnerability scanning is performed with Netsparker.