We pay the utmost attention to the protection of privacy: your personal data will never be shared with any external company, except for legal obligations and contract execution. Financial data will never be shared. Our privacy policies can be found here.
We take security seriously. We use a ‘security by design’ approach, following international standards, security best practices, and continuously work to ensure our platform remains secure. To maintain a high degree of protection, we recognise the importance of being continuously audited according to the most rigorous standards available. Today, Soldo is compliant with:
- PCI DSS Level 1. The Payment Card Industry Data Security Standard, or PCI DSS for short, is a data security standard developed by the principal payment card networks (MasterCard, Visa, American Express, Discover, JCB) to ensure the security of cardholder data and of the network and systems that host it. Soldo Software Ltd., which provides the group’s software services to all customers, has been annually accredited as a Level 1 Service Provider by the PCI Council, complying with the highest data security standards, since 2017.
- ISO/IEC 27001. This is the international standard for managing information security, which sets out the specifications for an Information Security Management System (ISMS). Adhering to the standard implies being aligned with globally recognised information security best practices in terms of people, processes and technology. Obtaining a certification requires an audit by an external assessor. Providing proof of regular penetration testing and associated procedures is a pre-condition for the successful completion of the audit.
- ISO/IEC 9001. Soldo’s ISO/IEC 27001 annual certifications since 2019 demonstrate that all of the companies belonging to the group have been committed to implementing and maintaining an Information Security Management System that complies with the highest international standard. This standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement.
- Cyber Essentials Plus. Cyber Essentials is a UK government-backed and industry-supported scheme that helps businesses protect themselves against common online threats. Soldo Software Ltd. and Soldo Financial Services Ltd. have both obtained the Cyber Essentials Plus Certification, which is the highest level of certification offered under the scheme and involves an audit by an external assessor carrying out vulnerability tests.
- HM Government G-Cloud Supplier. Soldo is part of the G-Cloud framework, the UK government’s supplier agreement for cloud computing services for the public sector. The group was part of the G-Cloud 12 framework and has also been accepted for the G-Cloud 13 framework in 2022.
From a platform perspective, in order to protect data and provide security, we employ:
- 3D Secure. Advance 3D Secure (3DS) is a supplementary authentication measure that safeguards online transactions for enhanced fraud protection.
- Strong Customer Authentication. We employ Secure Customer Authentication (SCA) for multi-factor authentication, increasing the security of electronic payments.
- Expenditure filter and lock. Our platform provides enhanced protection against unauthorised spending by defining who spends what where and locking cards if misplaced.
- Continuous security assessments. We test our products with more than 10 security assessments throughout the year. This improves security in a continuous, never-ending process. We also work with skilled security researchers worldwide to identify and eradicate potential vulnerabilities.