Built on API’s
Peach’s modern, well-documented RESTful APIs are easy to integrate with any loan origination system (LOS). We’re also consumers of our own platform, utilizing an identical set of APIs.
Modern Cloud Technology
Peach is hosted in a virtual private cloud (VPC) within Google Cloud Platform (GCP). By using modern HA cloud architecture, we’re able to leverage years of security enhancements to better protect against security incidents.
Data Encryption
Personally identifiable information (PII), bank accounts and card details are encrypted using 256-bit AES-GCM lender-specific rotating keys for maximum security.
Strong Authentication
We use multi-factor authentication (MFA) as an additional layer of authentication beyond usernames and passwords for all critical internal systems. This helps prevent unauthorized users from gaining access to our clients’ data.
Access Control
We provide robust role-based access control to serve the needs of any lender.
Security Compliance
We’re certified in SOC 2 Type 1 and SOC2 Type 2 (in progress). We’re PCI-DSS compliance certified and our PCI Level 1 certification is in progress.
Audit and Accountability
We provide a full audit trail of all communications, money movement, accounting and financial decisions.
Secure Payments
We provide an out-of-the-box solution for payments via ACH, debits cards and checks.
Robust Monitoring
We use reports, velocity checks and alerts to track anomalies and quickly respond and resolve adverse events.
Seamless Integration
Peach seamlessly integrates with your SSO system of choice.
