How secure is REMITR?
At REMITR, we take the security of your payments as our topmost priority. Our security practices are among the best in the industry. Amongst the security measures we put in place for you are:
Infrastructure and process:
- We use extremely secure servers and networks that use point to point vpn and/or firewalls to thwart any security attacks and bots
- Our process is audited by Grant Thornton, one of the leading audit firms in the world
- We are regulated by Fintrac, the Canada payments regulator who reviews our compliance policy
Security of funds:
- All customer funds are held in separate bank accounts with Royal Bank and Bank of Montreal in Canada
- We work with banks directly in other countries, thus ensuring safety and security of your payments
Remitware Payments Canada Inc. (REMITR) – Security Policy
Remitware Payments Canada Inc's. (RPCI) security policy is extremely stringent and designed with the interests of our customer in mind at all times. The term “Remitr” is used for the platforms denoting products of Remitware Payments Inc. USA (RPI) which are used by you on your mobile or on the web or any other web device, RPI application systems and databases and all other data that may be stored on digital media in our secure locations. RPCI provides the said products and platforms to you under license from RPI.
The specific details of our security policy are as set out hereunder.
Remitr is designed with a security-first mindset
- At RPI and RPCI, security is paramount and all of your information is always private by default.
- While processing your transactions we do not pass any sensitive personal or financial information to recipients, thereby removing significant information security risk.
- We utilize tokenization that replaces high-value data in a financial transaction with a time-based, tokenized message.
- All data-interchange between Remitr and its partners uses industry-leading bank-grade encryption.
Our infrastructure partners are industry leaders
- Our platform is built on top of a world-class cloud environment. Our cloud provider offers a highly secure environment.
- All your personal and transaction data is stored on servers physically located in the USA, thereby ensuring that there is no access whatsoever to any authority outside the territorial jurisdiction of the USA.
- We comply with local data storage requirements wherever required.
- Our web traffic is routed through an intelligent network to enhance performance and limit attacks.
- Our platform and systems are monitored and undergo routine penetration and intrusion testing to protect our customers from any future threat perceptions.
- When you register on the Remitr, we confirm and ensure that all communication is secured between your phone/computer and our servers.
- Every successful login to your Platform creates a temporary session which authorizes the connections between your Platform and our servers, thus ensuring that your session can never be hijacked.
- Your data resides on servers that are protected both physically and electronically.
- Our Platform-to-server communications are encrypted with 128-bit or greater encryption controlled by Transport Layer Security (TLS), and sit behind multiple layers of firewall and intrusion protection systems that protect and secure the data flow at every stage.
- We have implemented extremely robust and fault tolerant backup and fallback infrastructure which ensures protection of your data and transactions, and continuous operations in case of any infrastructure failure at our primary datacenter location.
- Our fallback infrastructure includes redundant links, redundant servers, continuous data replication, and redundant storage.
We ensure that your identity is secure with us
- We verify your phone number and/or email id when you first use the Remitr Platform. This ensures that only you can use the Remitr app on a phone which has your phone number, or an email id which belongs to you.
- Access to your account is always controlled by a password or PIN which is required at the time you login. Your PIN is never stored on our servers, hence cannot be stolen.
Security is never enough nor absolute
- Our security professionals bring a broad range of combined experience in the field and work hard to continually enhance our information security.
- We recommend you take certain basic steps as well. For example, we recommend that you do not share your account credentials with anyone or send sensitive information like bank account numbers or national ID/social security numbers via email, use strong passwords and do not write down your PIN or Passwords anywhere.
- If you have any questions at all or concerns regarding security please feel free to write to us on firstname.lastname@example.org.