If things look a little different, it’s because we rebranded. Learn more
Security

Security at Peach

Peach’s technology and information security program is designed to exceed industry standards. We use a variety of controls to ensure the information of our lenders and borrowers stays secure, and we’re committed to an API-first approach when we design and develop features.

1{ 2 "agencyName": "equifax", 3 "country": "US", 4 "dataFormat": "metro2", 5 "nameFilePerAgencyConvention": true, 6 "fileNamePrefix": "", 7 "isPeachAggregator": false, 8 "sftpHostname": "172.105.186.211", 9 "sftpUsername": "reporter", 10 "sftpPassword": "**********", 11 "sftpCdDir": "inbox", 12 "encryptionMethod": "GPG", 13 "publicKey": "**********", 14 "uploadFrequency": "monthly", 15 "specificDays": [ 16 0 17 ] 18}
Modern cloud technology

Peach is hosted in a virtual private cloud (VPC) within Google Cloud Platform (GCP). By using modern HA cloud architecture, we’re able to leverage years of security enhancements to better protect against security incidents.

Built on APIs

Peach’s modern, well-documented RESTful APIs are easy to integrate with any loan origination system (LOS). We’re also consumers of our own platform, utilizing an identical set of APIs.

Strong authentication

We use multi-factor authentication (MFA) as an additional layer of authentication beyond usernames and passwords for all critical internal systems. This helps prevent unauthorized users from gaining access to our clients’ data.

Data encryption

Personally identifiable information (PII), bank accounts and card details are encrypted using 256-bit AES-GCM lender-specific rotating keys for maximum security.

Audit and accountability

We provide a full audit trail of all communications, money movement, accounting and financial decisions.

Secure payments

We provide an out-of-the-box solution for payments via ACH, debits cards and checks.

Robust monitoring

We use reports, velocity checks and alerts to track anomalies and quickly respond and resolve adverse events.

Seamless integration

Peach seamlessly integrates with your SSO system of choice.

Access control

We provide robust role-based access control to serve the needs of any lender.

Security

Built for security and compliance

Peach Finance is SOC 2 Type 2, SOC 1 Type 1, HIPAA and PCI DSS Level 1 compliant. We practice defense-in-depth security architecture and employ best-in-class practices and tools to maintain security on all levels.

SOC 1 type 1 compliant
SOC 2 type 2 compliant
PCI DSS Level 1 certification
HIPAA compliant