Pave is SOC 2 compliant! Here’s what it means.

At Pave, we’re on a mission to reinvent and lower the cost of financial services. Data is at the core of who we are and we know that developing trust within the fintech ecosystem is essential. Accordingly, we’re excited to announce our SOC 2 Type 1 report!

As the gold standard of security reports, SOC 2 assures customers that we’ve implemented the highest standards of information security and data protection procedures. The report affirms all information stored on our application is secured, due to the design and structure of our controls, policies, and procedures.

Why SOC 2?

With increasing availability of financial data, the number of use cases and implementations available to fintech developers is exploding.

Great! Right?

When thinking about this, we quickly realized that this growth came at an increased cost to fintech engineers. Due to the rising amount of raw, messy data that these companies are now ingesting, it has become harder for developers to extract insights on their customers, slowing down development on services that are essential.

We’re building Pave to help engineers spend less time dealing with messy financial data, and more time implementing unique customer experiences. With our API, developers can access insights on their end consumer’s spending habits, bills, account health, and more. Analyzing raw financial data across many different sources has never been easier.

A foundational pillar of Pave’s business is trust. In interacting with their end-user’s most sensitive data, there’s a critical amount of trust our customers need to have in us. From how we store data to the processes and insights we derive from it, we want fintech businesses to feel confident in our solution. In our mind, the best way to emphasize our commitment to this trust and security was to get a SOC 2 report right from the get-go.

We’ve recognized that with any company, security and compliance is the foundation upon which a business is built. Our SOC 2 report charts a way forward for a more secure platform — one that is optimized not just for greater accessibility, but for security as well.

What does this mean for our customers?

Our SOC 2 report is more than just a stamp. It signifies that we’re reliable, and we’re here for our customers as a trustworthy tool and resource. While nothing changes externally, we are constantly making sure our product is at the forefront of compliance and security measures.

We’re continuously monitoring our data and processes to ensure they are secure
Data stored with us is always encrypted, both at rest and in transit
Procedures are in place to minimize downtime in situations of process or vendor failure
We implemented rigorous security standards related to automated and manual review of new features

At Pave, we understand that security standards need to be adaptable. Our policies and controls are all living, breathing documents. As we grow, so do our policies and controls.

Security is a top priority for us. We will continue to pursue broadly recognized security standards, and meet rigorous requirements to keep your data safe. We’re excited to be pursuing SOC 2 Type 2 and add another report to our arsenal of data security and protection.

How did we do it?

Pave has been lucky enough to partner with the team at Laika to develop our compliance regime. Their compliance team provided the institutional knowledge we needed to navigate the SOC2 process. For more context on implementation, check out (1) Laika’s profile on Pave, and look out for upcoming Pave blog posts detailing: (2) How we selected Laika as our compliance partner and (3) how we achieved our SOC2 Type 1 in 2 months.

Connect with us here if you would like to review a copy of Pave’s SOC2 report.