Security - Trust Center

Effective Date/Last Updated: January 1, 2020

  • Zipi protects your data with encryption in transit and at rest, providing organization-wide protection mechanisms options such as SSO and enforced 2FA. Thank you for visiting the website.
Where are Zipi servers located?
  • Zipi services are delivered utilizing company owned and partner systems primarily hosted on the Google Cloud Platform in the United States.
Data Security Measures
  • Zipi’s network systems are configured with a distributed stateful firewall, meaning that connections are allowed/denied at the per instance level. This is unlike typical networks where the firewall follows a perimeter based security model. The distributed firewall is one part of the architecture that allows for this fine-grained access control.

    Zipi has also adopted zero-trust networking policies into it’s systems architecture which means that each request (originating from within or outside of the network) needs to be verified.

    We allow for authenticated and authorized systems/users to transfer information through encrypted routes using a RESTful API.

    Zipi and it’s business partners undergo information security audits.
Zipi Pay
  • Although the ACH network may be used in a Zipi Pay transactions we do not represent money transfers through Zipi Pay as such. Zipi Pay is a proprietary secure electronic funds transfer platform that enables seamless money transfers from one account to another. These transfers between financial institutions are facilitated through a trusted tokenization system.
Security Vulnerabilities
  • For the safety of our users and community security vulnerabilities are only announced after remediation. We ask that researchers follow our Responsible Disclosure Policy.