At Formations, we're using the latest encryption technology to ensure your data and information are secure and private. We're using Amazon Web Services (AWS) to store user information, which is equipped with the most advanced security and protection systems.
Our technology partners, Gusto, Xero, Hurdlr, and Plaid, are working by all the essential security standards and requirements.
Gusto: All data transferred between the user’s browser and Gusto’s servers is encrypted in transit. Gusto uses TLS v1.2. Data is encrypted at rest in AWS using AES-256 key encryption.
Xero is certified as compliant with ISO/IEC 27001:2013 which is globally recognized as the premier information security management system (ISMS) standard. Xero achieved certification by developing and implementing a robust security management program, including a comprehensive Information Security Management System (ISMS).
Hurdlr implements robust security protocols to protect users' financial data, ensuring a secure environment for managing finances. These include bank-level encryption (256-bit SSL encryption, the same standard used by major financial institutions), token-base access, OAuth 2.0 authentication, and a secure API infrastructure. Additionally, Hurdlr adheres to industry-standard security protocols, including compliance with standards like PCI DSS and SOC 2.
Formations uses Plaid to connect bank accounts and manage those connections to Formations. Plaid employs a comprehensive set of security protocols to safeguard users' financial data when connecting bank accounts to apps and services. Those include advance encryption (AES-256 encryption for stored data and Transport Layer Security (TLS) for data in transit), multi-factor authentication, secure cloud infrastructure and 24/7 monitoring. Additionally, Plaid adheres to internationally recognized security standards, including: ISO 27001 (Information Security Management), ISO 27701 (Privacy Information Management), and SSAE18 SOC 2 (System and Organization Controls).