Yes, it is! We use Secure Socket Layer (SSL) connections both for the website and for the platform.
We make sure to authenticate all our users before we authorize them to open an accounts, and then users should login.
Also, we don't save your password. Instead, it's saved in an encrypted form! This makes it impossible to restore the initial password through its encrypted version.
To continue, we use the Auth 2.0 protocol to authorize LeggUP to link with your Google and LinkedIn accounts.
In addition, we have built our infrastructure using different Amazon services! Such as:
Amazon EC2 instance
Amazon S3 service
Amazon Route 53
Amazon Relational Database Service AWS Elemental MediaConvert
Through this, we are able to guarantee the highest level of security and safety of your information.
We save your personal information, such as your name, DOB, country, and email in our database. To increase the security, safety, and data within our database (including your personal information), we use Amazon RDS service as our DB instance.
Here’s how we manage access to our DB:
We use AWS Identity and Access Management (IAM) policies to assign permissions that allow selected users to manage RDS resources.
We use security groups to control what IP addresses or Amazon EC2 instances can connect to our database.
We use Amazon's firewall to prevent database access, except through rules specified by an associated security group.
We use Secure Socket Layer (SSL) connections for our DB instance.
We use RDS encryption to secure our database. RDS encryption uses the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts our RDS instance.
We use the security features of our DB engine to control who can login to the database on a DB instance, just as we would do if the database was on our local network.
We don't save your payment information (both used for ID verification and banking account data) in our database. We use a highly respected and secure payment service, Stripe, to enable the payments in our platform. Stripe gathers and saves your payment information.
Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider. This is the most stringent level of certification available in the payments industry!
We use Stripe.js forms to collect your data. All sensitive information is handled by Stripe.js. Stripe saves sensitive information encrypted on disk with AES-256. Decryption keys are stored on separate machines, and we use SSL connection to send your data to Stripe.
While this may be a lot of information, but we would like all LeggUP users to know exactly how safe and secure our platform is!