Security at Authenticate^®

Learn about the compliance standards Authenticate^® follows, including HIPAA and SOC 2, to guarantee the highest level of data security and privacy protection for our clients.

Compliance Measures at Authenticate^®

PROTECTING SENSITIVE USER INFORMATION

SOC 2 Type 2 and HIPAA Compliance

SOC 2 Type 2 Compliance: Our commitment to SOC 2 Type 2 standards involves thorough security measures that protect sensitive information from unauthorized access, ensuring reliability and integrity in managing client data.

HIPAA Compliance: We rigorously enforce HIPAA standards to safeguard sensitive data through comprehensive security protocols, maintaining the privacy and security of information.

ENSURING DATA PROTECTION AND PRIVACY

GDPR and CCPA Compliance

GDPR Compliance: The GDPR is an EU law on data protection and privacy. Authenticate^® ensures compliance by implementing strict data protection measures, obtaining user consent, providing data transparency, and enabling user rights such as data access and erasure.

CCPA Compliance: The California Consumer Privacy Act (CCPA) enhances privacy rights for California residents. Authenticate^® complies by ensuring data transparency, offering opt-out mechanisms, and enabling data deletion requests.

IMPORTANCE OF ETHICAL DATA USE

DPPA and GLBA Compliance

DPPA and GLBA Compliance: Our compliance with DPPA, and GLBA underscores our commitment to ethical data use, ensuring the privacy and accuracy of consumer information.

SAFEGUARDING CREDIT CARD INFORMATION

PCI DSS Compliance

PCI DSS Compliance: Authenticate^® adheres to PCI DSS requirements with strict security controls and monitoring to protect cardholder data, demonstrating our dedication to maintaining a trusted payment environment.

Explore Our Robust Compliance & Security Framework

Explore Knowledge Base

In Security We Trust

At Authenticate^®, trust is founded on robust compliance and privacy.

Learn More

Role-Based Access Control (RBAC)

Authenticate^® uses a three-tier RBAC system to ensure access is granted according to user roles.

Owners have full access, including billing information.
Admins can run checks and configure workflows but can't access billing or account management.
Viewers are limited to searching and viewing report only.

Cloud Backup

Authenticate^® partners with AWS for secure and encrypted data backups. Automated scheduling ensures regular backups, while geographically distributed storage enhances disaster recovery. Regular audits verify compliance with industry security standards.

Data Encryption

All customer data at Authenticate^® is encrypted. Data at REST is protected using AES-256 encryption, and data in transit is secured with TLS. Sensitive elements, such as access tokens and keys, are encrypted at the application level before storage.

DDoS Protection

We protect against DDoS attacks with rate limiting, IP blacklisting and whitelisting, along with continuous monitoring and adaptive security measures.