Security - Trust Center
Effective Date/Last Updated: January 1, 2020
Zipi protects your data with encryption in transit and at rest, providing organization-wide protection mechanisms options such as SSO and enforced 2FA. Thank you for visiting the www.zipi.app website.
Where are Zipi servers located?
Zipi services are delivered utilizing company owned and partner systems primarily hosted on the Google Cloud Platform in the United States.
Data Security Measures
Zipi’s network systems are configured with a distributed stateful firewall, meaning that connections are allowed/denied at the per instance level. This is unlike typical networks where the firewall follows a perimeter based security model. The distributed firewall is one part of the architecture that allows for this fine-grained access control.
Zipi has also adopted zero-trust networking policies into it’s systems architecture which means that each request (originating from within or outside of the network) needs to be verified.
We allow for authenticated and authorized systems/users to transfer information through encrypted routes using a RESTful API.
Zipi and it’s business partners undergo information security audits.
Zipi Pay
Although the ACH network may be used in a Zipi Pay transactions we do not represent money transfers through Zipi Pay as such. Zipi Pay is a proprietary secure electronic funds transfer platform that enables seamless money transfers from one account to another. These transfers between financial institutions are facilitated through a trusted tokenization system.
Security Vulnerabilities
For the safety of our users and community security vulnerabilities are only announced after remediation. We ask that researchers follow our Responsible Disclosure Policy.
We reserve the right to add, modify or otherwise update these Security policies at any time and in our sole discretion.
