Bank grade security
Truss partners with Thread Bank to ensure security and compliance. Our system integrates with the same secure systems they use, ensuring bank-grade security for your transactions every step of the way.
The Truss infrastructure is hosted with GCP (Google Cloud Platform), one of the leading hosting providers in the world. Their services are certified with ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018 and SOC 1/2/3.
Separation of duties
In accordance with industry best practices, we strictly separate cloud environments for development and production servers. To avoid security or privacy incidents and errors, we apply distinct security guidelines for each environment and allow minimum access to data that is needed by the requesting entity.
Access to data
All customer data is treated as equally sensitive and under stringent control. Access to customer data is highly restricted and only granted when absolutely necessary and in accordance with our compliance. Only authorized employees within Truss have access to customer data.
Our internal team of experts is there for you to quickly resolve issues and questions whenever needed.
All data sent between our customers and our applications is encrypted in transit and in rest to protect it from unauthorized disclosure or modification. We use 256-bit SSL encrypted payments, the same standards adopted by governments and financial institutions.
When using our online bank login feature, we validate whether your counterpart has enough funds in their account before performing a transaction to make sure you don't have to deal with NSF's.
Secure bank connections
Truss uses Plaid to connect securely with your bank account. Plaid is compliant with well-known internationally-recognized security standards like ISO 27001, ISO 27701, and SSAE18 SOC 2. To find out more, visit the Plaid website.
We double up on security by protecting your Truss account with two-factor authentication (2FA). Two-factor authentication protects your account from a potential compromise by requiring two methods to verify your identity.
Truss' advanced fraud detection algorithms keep funds safe from bad actors at all times.
SOC 1 and SOC 2 audited
The audit was conducted by Dansa D’Arata Soucia LLP (www.darata.com). In doing so, Truss maintains its adherence to one of the most stringent, industry-accepted auditing standards for service companies and provides additional assurance to its clients, through an independent auditor, that its business process, information technology and risk management controls are properly designed. Learn more at www.aicpa.org/soc4so.
FDIC Insurance is provided through Thread Bank; Member FDIC. The Federal Deposit Insurance Corporation (FDIC) is an independent agency created by Congress to maintain stability and public confidence in the nation's financial system. Deposit insurance is one of the significant benefits of having an account at an FDIC-insured bank—it’s how the FDIC protects your money in the unlikely event of a bank failure. Learn more at https://www.fdic.gov/resources/deposit-insurance/
Direct bank-to-bank transfers
All transactions are processed via direct debit/direct credit payments. These are considered electronic transfer of funds (EFT) through the ACH (Automated Clearing House) system. The ACH is a centralized architecture that connects banks.