Product Security

‍

Two Factor Authentication

We require two-factor authentication (2FA) for all Infinite Giving accounts- it can not be disabled.

‍

Permissions

We enable permission levels within our dashboard. Permissions can be set to allow money movements, account creation, and view only balance information.

‍

Password and Credentials

Infinite Giving enforces a password complexity standard and credentials are stored using a PBKDF function (bcrypt).

‍

Uptime

Infinite Giving's status and uptime is available anytime here.

‍

‍

Network and Application Security

‍

US Data Hosting and Storage

Infinite Giving services and data are hosted in Amazon Web Services (AWS) facilities in the US only.

‍

Virtual Private Cloud

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.

‍

Data Backups

All data stored within Infinite Giving is routinely backed-up and logged.

‍

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job. Infinite Giving runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Infinite Giving's corporate network.

‍

Encryption

All data sent to or from Infinite Giving is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.

‍

‍

Additional Security

‍

Training

All employees complete annual security and awareness training.

‍

Confidentiality

All employee contracts include a confidentiality agreement.

‍

‍

Security questions?

‍

If you think you may have found a vulnerability or have a security question, please reach out to our security team.

Contact our security team.