Our security architecture is designed with consideration of a broad range of acknowledged industry standards and frameworks. Here are a few ways we make security a priority in the way we work on a daily basis.
Large financial institutions partner with DivDot to ensure security and compliance. Our system integrates with the same secure systems they use, ensuring bank-grade security for your transactions every step of the way.
Our partnership with the Bank Of Montreal enables us to process bank-to-bank transfers entirely in-house which guarantees full control over your money at all times.
The DivDot infrastructure is hosted with GCP (Google Cloud Platform), one of the leading hosting providers in the world. Their services are certified with ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018 and SOC 1/2/3.
In accordance with industry best practices, we strictly separate cloud environments for development and production servers. To avoid security or privacy incidents and errors, we apply distinct security guidelines for each environment and allow minimum access to data that is needed by the requesting entity.
All customer data is treated as equally sensitive and under stringent control. Access to customer data is highly restricted and only granted when absolutely necessary and in accordance with our compliance. Only authorized employees within DivDot have access to customer data.
Our internal team of experts is there for you to quickly resolve issues and questions whenever needed.
All data sent between our customers and our applications is encrypted in transit and in rest to protect it from unauthorized disclosure or modification. We use 256-bit SSL encrypted payments, the same standards adopted by governments and financial institutions.
When using our online bank login feature, we validate whether your counterpart has enough funds in their account before performing a transaction to make sure you don't have to deal with NSF's.
DivDot uses Flinks to connect securely with your bank account. As the leading provider for financial data connectivity in Canada, Flinks is compliant with well-known standards and frameworks such as ISO 27001, NIST and SOC 2. To find out more, visit Flinks security.
DivDot is a registered money services business regulated by FINTRAC, the Financial Transactions and Reports Analysis Centre of Canada.
FINTRAC is the agency of the Government of Canada responsible for facilitating the detection, prevention and deterrence of money laundering, terrorist activity financing and other threats to the security of Canada.
All transactions are processed via direct debit/direct credit payments. These are considered electronic transfer of funds (EFT) through the ACH (Automated Clearing House) system. The ACH is a centralized architecture that connects banks.
With EFT, money is sent directly from one account to another. EFT is a fast, secure and convenient way to process transactions using the infrastructure built and monitored by Payments Canada (for more information, visit Payments Canada).
DivDot maintains an A-rating by the Better Business Bureau. For more information, view the full BBB profile.