What security measures does your platform have in place?
We have the highest level of security, as we treat our platform as digital investable assets that are held to the same standards as banking.
Blockchain security access: There are two different apps running. Only the admin app is capable of making direct on-chain calls. We use AWS KMS for private key security for the minting wallet, which uses hardware security modules to limit unauthorized access.
User authentication: We use Auth0 to manage user authentication. We use the passwordless SMS login, which also mitigates the security vulnerability introduced by users who may otherwise utilize insecure password practices.
Payment Gateway security: We have a static/exclusive IP to connect to the payment gateway, which ensures that only requests performed from our server will be successfully completed. Also, besides the TLS security, all credit card information is sent to the payment gateway encrypted using a public key provided by them.
Database access: We follow secure standards for database use, including two-factor authentication and backups.
You May Also Like
Has a security audit been performed? If yes, what was the scope of the audit? Is an Executive Summary of the audit report available for review?
Yes. Each of our third-party vendors (Circle for transactions, Trulioo for KYC and fraud, Legal coun
Do you monitor for authentication attacks?
Rare Goods uses Auth0 (which supports the principle of layered protection in security) that uses a v
Please confirm if you are currently following any of these standards: PCI, SOC II, WCAG, ISO
Rare Goods uses Circle as our payment processing provider and Circle is compliant with PCI. No credi
