Trust Portal

Start your security review
Search items
ControlK

Overview

Peach’s technology and information security program is designed to exceed industry standards. We use a variety of controls to ensure that lender and borrower information stays secure, and we’re committed to an API-first approach to designing and developing features.

Compliance

HIPAA Logo
HIPAA
PCI DSS Logo
PCI DSS
SOC 1 Logo
SOC 1
SOC 2 Logo
SOC 2
Start your security review

Peach is trusted by:

Square-company-logoSquare
Remitly-company-logoRemitly
Lendable-company-logoLendable
Mission Lane-company-logoMission Lane
SnapPay-company-logoSnapPay

Documents

All
Public
Private
HIPAA Report
Network Diagram
Other Reports
PCI DSS
Pentest Report
SOC 1 Report
SOC 2 Report
HIPAA
PCI DSS
SOC 1
SOC 2
Product Architecture
Encryption-at-rest
Encryption-in-transit
Cyber Insurance
Penetration Testing
Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
Asset Management Policy
Backup Policy
Business Continuity Policy
BYOD Policy
Data Classification Policy
Data Sanitization Policy
Data Security Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Internal and External Communication Policy
Network Security Policy
Other Policies
Password Policy
Physical Security
Risk Management Policy
Software Development Lifecycle
Third Party Personnel Policy
Disaster Recovery - DB Recovery Test
Penetration Test Summary

Risk Profile

Data Access LevelRestricted
Impact LevelSubstantial
Critical DependenceYes
View more

Product Security

Audit Logging
Data Security
Multi-Factor Authentication
View more

Reports

HIPAA Report
Network Diagram
Other Reports
View more

Self-Assessments

We are working on our security compliance. We can provide completed questionnaires upon request.

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Bot Detection
Code Analysis
View more

Legal

SubprocessorsGoogle Cloud-company-logoDatadog,-company-logoGitHub-company-logoFirst Citizens Bank-company-logoExperian-company-logo
Customer Audit Rights
Cyber Insurance
View more

Data Privacy

Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.

Access Control

Data Access
Logging
Password Security

Infrastructure

Status Monitoring
Anti-DDoS
BC/DR
View more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
View more

Network Security

Data Loss Prevention
Firewall
IDS/IPS
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Trust Center Updates

"Mother of all Breaches" (MOAB)

GeneralCopy link

After reviewing the findings released related to the "Mother of All Breaches" cybersecurity incident on January 23, 2023, we can assure that after a comprehensive review, Peach systems, product, customers, consumers, or data have not been directly impacted by this breach.

We will continue to monitor the situation, particularly regarding the status of our critical vendors, who at this time have not been identified as affected, and are prepared to implement swift and effective measures to mitigate any potential threats that may arise from this incident.

Regards,

Peach Information Security

Published at N/A*

MoveIt Vulnerability

VulnerabilitiesCopy link

To whom it may concern,

Peach Finance Inc. wants to share an important update regarding the MoveIt Vulnerability that has been making headlines. On June 15, 2023, Progress Software released a security advisory highlighting a privilege escalation vulnerability (CVE-2023-35708) in the Managed File Transfer Software called MOVEit Transfer. This vulnerability could potentially allow cyber threat actors to gain control of affected systems.

We understand that security is a top priority for our customers, and we want to assure you that Peach Finance Inc. is not affected by the MoveIt Vulnerability. After conducting a thorough review of our systems and operations, we found no approved relationship with this vendor. Additionally, we have no record of transfers to or from any customer using this vendor.

We remain committed to maintaining the highest level of security and privacy for your financial transactions and continuously monitor and assess potential vulnerabilities to ensure the integrity and confidentiality of your information. Rest assured, our systems are secure and unaffected by CVE-2023-35708.

Should you have any concerns or questions, our customer support team is here to assist you. Please don't hesitate to reach out if you need any further information or assistance.

In case you may be affected in other parts of your business you can read more about CVE-2023-35708 here.

Regards,

Peach Team

Published at N/A

If you need help using this Trust Center, please contact us.

Contact Support

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo