Security Center
Defending global commerce with enterprise-grade encryption and audited security protocols.
Encryption at Rest
All merchant data is stored using AES-256 encryption. We utilize hardware security modules (HSM) for managing encryption keys, ensuring that your data remains inaccessible to unauthorized parties even in the event of a breach.
ISO 27001 Certified
Defleckt maintains active ISO 27001 certification, the international standard for information security management systems. We undergo annual independent audits to verify our adherence to these rigorous controls.
PCI-DSS Level 1
As a service provider processing transactional data, we are fully PCI-DSS Level 1 compliant. We never store CVV numbers or full primary account numbers (PAN), utilizing secure tokenization for all payment references.
Data Privacy & Handling
Biometric Identity Linkage
Our defense engine analyzes non-personal behavioral biometrics to link digital identities across the payment network. This allows us to prove "customer intent" with a higher degree of accuracy than legacy rule-based systems.
Zero-Knowledge Architecture
We are moving toward a zero-knowledge architecture where our system can verify transaction validity without ever having access to the raw PII of your customers. This significantly reduces the scope of data exposure risk.
GDPR & CCPA Compliance
Defleckt provides merchants with full tools to manage "Right to be Forgotten" requests and data access requests in accordance with global privacy laws, including GDPR in Europe and CCPA in the United States.
Our Security Commitment
Security is not a feature at Defleckt; it is the foundation of everything we build. We provide a $1M security guarantee for enterprise partners using our full representment stack.