Security
Security is fundamental to everything we build. Transfer Hub is designed from the ground up to protect your data, your transactions, and your clients.
Our security practices
Encryption
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Sensitive fields like bank account details use additional application-level encryption.
Authentication
Secure password hashing with bcrypt, session management with signed JWTs, and role-based access controls across every endpoint.
Infrastructure
Hosted on secure, managed infrastructure with automated backups, network isolation, and DDoS protection.
Audit trail
Every action on the platform is logged in an immutable ledger. Full transaction history with timestamps and actor identification.
Compliance controls
Built-in KYC/KYB verification, admin approval workflows, and transaction monitoring to meet regulatory requirements.
Regular audits
We conduct regular security assessments and penetration testing. Our code undergoes continuous security review.
Access controls
Granular role-based permissions ensure users only access what they need. Admin actions require explicit authorization.
Incident response
Documented incident response procedures with defined escalation paths. We notify affected users promptly of any security events.
Responsible disclosure
If you discover a security vulnerability in Transfer Hub, we encourage you to report it responsibly. Please contact security@transferhub.com with details. We will investigate and respond within 48 hours.