HOW DOES DIVDOT ENSURE MAXIMUM PROTECTION

Security is always top of mind.

Our security architecture is designed with consideration of a broad range of acknowledged industry standards and frameworks. Here are a few ways we make security a priority in the way we work on a daily basis.

Bank-Grade Security
Cloud Development Best Practices
In-House Support
256-bit SSL Encryption
NSF Prevention
Secure Bank Connections
Regulated by FINTRAC
Direct Bank-To-Bank Transfers
BBB Accredited A-Rating

System Security

Bank-Grade Security

Large financial institutions partner with DivDot to ensure security and compliance. Our system integrates with the same secure systems they use, ensuring bank-grade security for your transactions every step of the way. 
Our partnership with the Bank Of Montreal enables us to process bank-to-bank transfers entirely in-house which guarantees full control over your money at all times.

Trusted Providers

The DivDot infrastructure is hosted with GCP (Google Cloud Platform), one of the leading hosting providers in the world. Their services are certified with ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018 and SOC 1/2/3.

Separation of Duties

In accordance with industry best practices, we strictly separate cloud environments for development and production servers. To avoid security or privacy incidents and errors, we apply distinct security guidelines for each environment and allow minimum access to data that is needed by the requesting entity. 

Access to Data

All customer data is treated as equally sensitive and under stringent control. Access to customer data is highly restricted and only granted when absolutely necessary and in accordance with our compliance. Only authorized employees within DivDot have access to customer data. 

In-House Support

Our internal team of experts is there for you to quickly resolve issues and questions whenever needed. 

Back to Top

Application Security

Encryption

All data sent between our customers and our applications is encrypted in transit and in rest to protect it from unauthorized disclosure or modification. We use 256-bit SSL encrypted payments, the same standards adopted by governments and financial institutions.

NSF Prevention

When using our online bank login feature, we validate whether your counterpart has enough funds in their account before performing a transaction to make sure you don't have to deal with NSF's.

Secure Bank Connections

DivDot uses Flinks to connect securely with your bank account. As the leading provider for financial data connectivity in Canada, Flinks is compliant with well-known standards and frameworks such as ISO 27001, NIST and SOC 2. To find out more, visit Flinks security.

Back to Top

Compliance Standards

Regulated by FINTRAC Canada

DivDot is a registered money services business regulated by FINTRAC, the Financial Transactions and Reports Analysis Centre of Canada. 
FINTRAC is the agency of the Government of Canada responsible for facilitating the detection, prevention and deterrence of money laundering, terrorist activity financing and other threats to the security of Canada.

Direct Bank-To-Bank Transfers

All transactions are processed via direct debit/direct credit payments. These are considered electronic transfer of funds (EFT) through the ACH (Automated Clearing House) system. The ACH is a centralized architecture that connects banks.
With EFT, money is sent directly from one account to another. EFT is a fast, secure and convenient way to process transactions using the infrastructure built and monitored by Payments Canada (for more information, visit Payments Canada).

BBB Accredited A-Rating

DivDot maintains an A-rating by the Better Business Bureau. For more information, view the full BBB profile.

Back to Top

Trusted and regulated