Security

1. Platform controls

BrokerPay is designed around brokerage approval workflows, role-based access, status tracking, and operational audit logging so transfer activity can be reviewed before and after funds move.

2. Payment security

Where enabled, payment methods and ACH workflows are handled through Stripe infrastructure. BrokerPay does not intentionally expose full bank account numbers to application users.

3. Data protections

We use transport encryption, environment-based secret configuration, access restrictions, and server-side validation to reduce risk. Administrative actions and sensitive workflow changes are intended to be logged for auditability.

4. Customer responsibilities

Brokerage customers should use strong passwords, restrict admin access, review transfer approvals carefully, and notify BrokerPay promptly if unauthorized activity is suspected.

5. Reporting concerns

If you discover a potential security issue, contact support@brokerpay.io with relevant details so it can be investigated.