Security

Built like
a bank.
Designed like a notepad.

Money software is invisible when it works and catastrophic when it doesn't. Security is not a feature here — it's the substrate every BINKPAY product is built on.

PCI · ISO · SOC 2256-bit AES · TLS 1.3Multi-AZ infrastructure

256-bit

Encryption

24/7

On-call security

15 min

Incident response

Zero

Disclosed breaches

Six layers

Defense, in depth.

Every transaction passes through six independent layers of security — encryption, authentication, fraud monitoring, audit, infrastructure controls, and incident response. No single layer ever stands alone.

Encryption

At rest & in flight

TLS 1.3 in transit. AES-256-GCM at rest. Card PAN/CVV are envelope-encrypted with column-level KMS.

Authentication

Two-factor by default

TOTP and SMS/email OTP available on every sensitive action: logins, transfers, card reveal, settings change.

Fraud

Anti-fraud monitoring

Velocity checks, behavioural fingerprinting, and human review for unusual activity. 24/7 risk operations team.

Audit

Full audit trail

Every admin action and every ledger entry is recorded immutably for compliance. Seven-year retention.

Infrastructure

Defense in depth

Hardened infrastructure, segregated environments, principle of least privilege, quarterly penetration testing.

Response

24/7 incident response

On-call security engineers, 15-minute response SLA, and a published responsible-disclosure policy.

Responsible disclosure

security@binkpay.net

Found a security issue? We acknowledge every report within 24 hours, fix critical issues within 72 hours, and run a public bounty program with verified-finding rewards from $250 to $10,000.

Built like a bank

Money software
is invisible
until it isn't.

Every BINKPAY product inherits the same security substrate — encryption, authentication, fraud monitoring, audit, infrastructure, and incident response. Verified end-to-end.

See compliance Report a vulnerability

Built likea bank.Designed like a notepad.