Security is the top priority of Inverite Insights

The Inverite platform was designed from the ground up around data security and privacy using the Payment Card Industry Data Security Standard (PCI DSS) as a guideline and has had a AICPA SOC 2 Type 1 report prepared by AuditWerx, a division of Carr, Riggs and Ingram Capital LLC. Our SOC 2 Type 1 report is confidential but available upon request.

Data Security

All data transmitted to clients is done so using strong TLS 1.2+ encrypted channels and private API keys. Client portal access will be restricted with username and password requirements for minimum strength.

 

All services are segmented in a Virtual Private Cloud (VPC), and all public communication between Inverite services uses TLS 1.3 encryption. All instances use encrypted drives and all relational data is also encrypted at rest.

 

Employee access to servers is only possible through a VPN using multi-factor authentication.

All Inverite services are hosted with Amazon Web Service’s Montreal facility. This facility is PCI DSS 3.2 compliant.

No third-party vendors are ever provided access to any systems, software or data.

A variety of internal, external and third party scanning services run at regular intervals. These check for network and software vulnerabilities or weaknesses.

Additional optional Clients security features including API IP whitelisting and multi-factor authentication during login for dashboard users.

Regulatory Compliance and Open Banking

Although currently unregulated, it is our expectation that the Government of Canada will soon be regulating Open Banking / Consumer-directed finance. We are looking forward to this as it will address many of the security issues surrounding screen-scraping and lead to higher levels of consumer confidence and satisfaction. In anticipation of this, Inverite is a proud member of Financial Data Exchange and is a founding member of the FDX Canada and active in several working groups and technical task forces. Inverite is also a member of FDATA, an open-banking lobbying organisation that was heavily involved in the rollout of Open Banking in the UK.