Security is Built In, Not Bolted On
Enterprise-grade security and compliance for every transaction, supported by audited controls, encryption by default, and continuous monitoring. LiquidTrust is built from the ground up to protect your platform, your users, and their financial data.
Compliance & Certifications
We meet the highest industry standards for security, privacy, and compliance.
SOC 2 Type II: Audited annually
ISO 27001: Certified
PCI DSS Level 1: Compliant
GDPR: Compliant
Our SOC 2 Type II audit covers security, availability, processing integrity, confidentiality, and privacy controls. Audit reports are available to customers under NDA. We undergo independent audits and maintain processes to continuously assess and improve our security posture.
How We Protect Your Data
Multiple layers of security protect every aspect of our platform.
Encryption Everywhere
AES-256 encryption at rest and TLS 1.3 in transit. All sensitive data is encrypted using industry-standard protocols with secure key management and rotation.
Infrastructure Security
Hosted on AWS with redundancy, DDoS protection, and centralized monitoring of systems. Network segmentation and least-privilege access controls protect our infrastructure.
Access Controls
Role-based access control (RBAC), multi-factor authentication (MFA), and SSO support for enterprise customers. Internal access is governed by role-based controls and periodic reviews.
Application Security
Regular penetration testing, automated security scanning, and secure development lifecycle (SDLC) practices with design review for material changes.
24/7 Monitoring
Real-time threat detection, automated alerts, and a dedicated security operations team monitoring all activity through centralized logging and alerting systems.
Incident Response
Documented incident response and escalation procedures with defined escalation paths and customer notification protocols.
Secure Development Lifecycle
Security is integrated into our development process from design through deployment.
Secure design and review for material changes
Secure coding standards
Dependency and vulnerability management
Secrets and configuration management
Alignment with OWASP Top 10 guidance
Testing & Assurance
We regularly assess our security posture through independent testing and ongoing security assessment.
Periodic third-party penetration testing
Vulnerability scanning of internet-facing systems
Remediation of identified issues as appropriate
Data Protection & Privacy
Data Encryption
All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Encryption keys are managed using AWS KMS with automatic rotation.
Data Residency
We offer data residency options for customers with specific regulatory requirements. Data can be stored in the US, the EU, or other geographic regions as needed.
Data Retention
Customer data is retained according to your preferences and regulatory requirements. We support automated data deletion and provide tools for data export. Retention configuration options are available.
Privacy Compliance
We comply with GDPR, CCPA, and other global privacy regulations. We provide data processing agreements (DPAs) and serve as a compliant data processor. DPAs are available upon request, and subprocessor information is available to customers upon request.
Responsible Disclosure
We take security vulnerabilities seriously and welcome good-faith security research. If you've discovered a security issue, please report it to our security team. We acknowledge reports in a timely manner and work to address valid concerns.
Third-Party Security
We maintain a vendor risk management program and review vendors prior to onboarding and on an ongoing basis. All third-party vendors undergo security assessments before integration.
Employee Access
Employee access to customer data is strictly limited on a need-to-know basis with least-privilege access principles. All employees undergo background checks and security training. We conduct periodic access reviews and maintain appropriate logging of administrative access.