Security & Data Handling
Noda Security
Use of Cloud Infrastructure Providers
Noda uses cloud infrastructure to build our applications and services. Modern cloud service providers are some of the most secure globally, investing millions of dollars to ensure the highest safety standards. Plus, they continuously upgrade and refine their systems to make them even more impenetrable and secure. Working with well-known global providers of cloud infrastructure security is the key factor for building Noda’s information security programme.
Data Encryption Approach
Noda encrypts all sensitive data simultaneously on two layers. We use the Transport Layer Security (TLS) protocol when information is transferred between network servers, and we apply the Advanced Encryption Standard (AES) when the data is stored. Utilising this two-layered encryption approach enables us to minimise potential safety concerns as sensitive data remains encrypted even on those rare occasions when one of the components is compromised.
Automated Alerts System
24/7 Tech Support Team
Certification
Noda regularly obtains relevant certifications and maintains up-to-date PCI DSS and PCI SSLC licenses. Payment Card Industry Data Security Standard (PCI DSS) is the industry benchmark aimed at reducing payment fraud by enhancing data protection controls. Meanwhile, the PCI Secure Software Lifecycle Standard (PCI SLLC) ensures that payment software vendors incorporate security throughout the software development lifecycle, producing applications that are secure by design and robust against attacks. These licenses are administered by the PCI Security Standards Council (PCI SSC).
MFA
At Noda, we understand that achieving maximum information security requires focusing on both external and internal environments. That's why we implement Multi-Factor Authentication (MFA) for our employees to access all critical internal platforms. MFA adds an extra layer of authentication, which helps prevent unauthorised access to data through internal systems.
Information Security Team Monitoring
All components of Noda’s products, including Noda API, are being continuously monitored and inspected by our IT security team. This team consists of IT experts who regularly attend professional conferences and engage in ongoing education within their field.
Bug Bounty Program
Our bug bounty program welcomes any developers who identify as a hackers. If you or your colleagues discover any flaws, shortcomings, or vulnerabilities in our security systems or have suggestions to enhance the functionality of Noda API endpoints, you can participate in our program and receive a reward. To report an issue or make a suggestion, simply email our security team at security@noda.live. The reward amount varies based on the severity of the shortcoming or vulnerability.
Noda Handles Your Customers’ Data
Insert IBAN for manual payment
1
2
3
4