Menu
Menu
Peach’s technology and information security program is designed to exceed industry standards. We use a variety of controls to ensure that lender and borrower information stays secure, and we’re committed to an API-first approach to designing and developing features.
Peach is hosted in a virtual private cloud (VPC) within Google Cloud Platform (GCP). By using modern HA cloud architecture, we’re able to leverage years of security enhancements to better protect against security incidents.
Peach’s modern, well-documented RESTful APIs are easy to integrate with any loan origination system (LOS). We’re also consumers of our own platform, utilizing an identical set of APIs.
We use multi-factor authentication (MFA) as an additional layer of authentication beyond usernames and passwords for all critical internal systems. This helps prevent unauthorized users from gaining access to our clients’ data.
Personally identifiable information (PII), bank accounts and card details are encrypted using 256-bit AES-GCM lender-specific rotating keys for maximum security.
We provide a full audit trail of all communications, money movement, accounting and financial decisions.
We provide an out-of-the-box solution for payments via ACH, debits cards and checks.
We use reports, velocity checks and alerts to track anomalies and quickly respond and resolve adverse events.
Peach seamlessly integrates with your SSO system of choice.
We provide robust role-based access control to serve the needs of any lender.
Our loan management and loan servicing software is compliant withSOC 1 Type 1, SOC 1 Type 2, SOC 2 Type 2, PCI DSS Level 1 and HIPAA. We practice defense-in-depth security architecture andemploy best-in-class practices and tools to maintain security onall levels.
Our Trust Portal offers self-service access to the certifications, reports, policies and documents that substantiate our commitment to data privacy, app security and network safety.