Trust
Security is the product.
You're trusting us with money. We treat that responsibility as foundational — not as a checklist.
SOC 2 Type II
Annual independent audit covering security, availability, and confidentiality. Latest report available under NDA.
PCI DSS Level 1
The highest level of card data security. Validated yearly by a Qualified Security Assessor.
Encryption everywhere
TLS 1.3 in transit. AES-256 at rest. Field-level encryption for PII. Keys managed in AWS KMS with HSM backing.
Zero-trust access
SSO + hardware key MFA required for all employees. Production access is just-in-time, fully audited, and never persistent.
Continuous monitoring
24/7 SOC, behavioral anomaly detection, and real-time alerting across infrastructure and application layers.
Bug bounty
Public bug bounty with rewards up to $50,000. Responsible disclosure at security@nitrowallet.com.
Funds protection
Customer balances are held in segregated for-benefit-of accounts at our partner banks — never commingled with company assets. US balances are eligible for FDIC pass-through insurance up to applicable limits.