Security overview

 

Security is paramount when dealing with financial transactions and payments. For over 10 years, XTRM has developed and deployed the following advanced and qualified integrated security measures. 

 

Complex password access

All-access is via complex minimum 8 character passwords with numbers and special characters required.


SHA encryption with salt

All passwords unencryptable.

Access lockout

Repeated failed attempts to access system blocks users and is logged.

 

IP based access

Specific IP based security for controlled access.


Location based access

Location based restrictions


One Time Passwords (2 step authentication)

Device and IP based


Advanced role based access

Strict role based access controls allowing muti-tiered, multi user access.


Real time KYC validation  (Know your customer)

Instant checks on individual and company details during profile setup and payments


Real time AML validation  (Anti money laundering)

Instant rule checks on individual and company payments activity.


Secure encrypted data

Data encrypted using state of the art encryption methods static and in transit. Details on request.

 

Regular independent site scans

Regular third party scans of servers using Veracode and Trustwave to ensure no vulnerabilities including static and dynamic scans.

 

Firewall protection

Secure firewall protection.

 

WEB application firewall

Protection against DOS and DDOS attacks, including spam bots and SQL injection attacks.


Physically secure servers

All servers in carefully monitored restricted site with secure passkey access.


SOC1 and SOC2 compliant

Documents on request


PCI compliant

External vulnerability testing. 


Security policies

Documented security policies in place.