When you work with personal information, you have an obligation to make sure it’s protected from potential fraud, such as identity theft. This is about much more than just using firewalls and complex passwords—every layer of the organization needs protection.
- Divvy has to collect certain personal information in order to open an account or issue a line of credit.
- Divvy has a number of protocols in place to protect user data, including PCI compliance, proactive fraud protection, multi-factor authentication, and more.
What is fraud protection?
Fraud protection is the plan in place to help ensure that customers’ personal information is safe from frauds and scams, such as identity theft. While there is no foolproof way to completely eliminate the risk of fraud, there are measures you can take to proactively detect and avoid risky situations.
This protection should be part of the data privacy and security plan for any company that collects and stores personal information, even if it’s only names and credit card numbers.
Learn how to upgrade your company’s financial security to help lower your risk of fraud.
Why Divvy needs personal information
We need personal user details in order to provide Divvy’s services, assess our fraud risk for lines of credit, and comply with our legal obligations. Personally identifying information (PII) is also necessary for compliance purposes.
The information we may need includes, but is not limited to:
- Contact information
- Personal identification numbers
- Business information
- Bank account details
This is some pretty sensitive information that you wouldn’t want to fall into the wrong hands. That’s why we take steps to keep your information as protected as possible.
How Divvy protects your information
We use several different methods to make sure your information is in safe hands.
1. PCI compliance
Divvy is PCI compliant. That means we meet the Payment Card Industry Data Security Standard (PCI DSS) for organizations that handle branded credit cards.
2. SOC2 Type 1
We have completed our SOC2 Type 1 report. This demonstrates a test of design that validates the appropriate security controls are in place.
3. Proactive fraud protection
Divvy uses advanced AI/Machine learning technologies to monitor the card transactions in real time to mitigate the various threats. Our deep understanding of financial threat vectors equips us to detect and mitigate emerging threats and keep your business safer.
We also use advanced security and process controls to ensure that the security, confidentiality, and availability of the customer’s confidential data is protected.
4. Multi-factor authentication
For all company administrators with access to sensitive company information and controls, we require multi-factor authentication (MFA). Divvy utilizes two-factor authentication that mitigates account takeovers and ensures only authorized users can access the system. This extra layer of security makes it harder for fraudsters to access information with a password alone.
5. Face and touch logins
Our mobile app uses the latest security features, including Android fingerprint scanning and Apple Touch or Face ID. This makes it harder for someone to access your Divvy account through your mobile device.
6. More levels of protection
Divvy uses industry best practices for data encryption at rest and in transit including Transport Layer Security (TLS) and the latest encryption (AES 256). Divvy also performs regular audits and stress testing to ensure security meets and exceeds industry standards.
In addition, Divvy complies with the FFIEC Interagency Guidance on Authentication in an Internet Banking Environment and Internet Security Standards. This guidance is predominantly focused on internet banking delivery channels and privacy, but it is applicable to all types of electronic transactions.
The information provided on this page does not, and is not intended to constitute legal or financial advice and is for general informational purposes only. The content is provided “as-is”; no representations are made that the content is error free.