top of page
Pari New Logo.png
Pari+Name+Logo.png

Security Information

Effective Date: June 24, 2026

Last Updated: June 24, 2026

Security at Pari

At Pari, security is at the foundation of everything we build. We are committed to protecting our users’ financial data, transactions, and personal information using industry-leading security practices, rigorous access controls, and trusted institutional infrastructure.

Our Security Philosophy

We build security into the Pari platform from the ground up, utilizing the principle of least privilege (restricting data access strictly to those who need it) and a defense-in-depth strategy to protect our infrastructure at multiple layers.

Data Protection & Infrastructure

Encryption Everywhere

  • In Transit: All data sent between the Pari mobile app, our servers, and our third-party integrations is encrypted using TLS 1.2 or higher over secure networks. We enforce HTTP Strict Transport Security (HSTS) to prevent downgrade attacks.

  • At Rest: All customer data stored in our cloud environment is encrypted using industry-standard AES-256 encryption.

Multi-Factor Authentication (MFA)

Access to internal Pari administrative tools, hosting infrastructure, and codebase repositories requires mandatory multi-factor authentication.

Secure Cloud Hosting

Our application infrastructure runs on highly secure, isolated cloud servers. We continuously monitor our cloud environment for security events, anomalies, and unauthorized access attempts.

Financial & Identity Infrastructure

To ensure maximum security for your capital and sensitive banking details, Pari partners with leading fintech infrastructure providers. Pari does not store your bank credentials or hold user funds directly on our servers.

PartnerRoleSecurity Standard

PlaidBank Authentication & AggregationUses Advanced Encryption Standard (AES 256) and Transport Layer Security (TLS) to securely connect your bank to Pari without exposing credentials.

Astra FinanceIdentity Verification & Transfer AutomationOrchestrates secure money movement, automates financial routing, and ensures compliance with strict KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations.

Application Security & Monitoring

  • Vulnerability Scanning: We run automated dependency scanning to catch known vulnerabilities in our software supply chain before code is ever deployed.

  • Secure Software Development: Our engineering team follows secure coding standards designed to prevent common web and mobile vulnerabilities (such as injection attacks and broken authentication).

  • Audit Logging: We maintain comprehensive, tamper-evident logs of system activity and administrative changes to ensure total accountability.

Responsible Disclosure & Vulnerability Reporting

We welcome and appreciate the work of independent security researchers in helping us keep the Pari community safe.

If you believe you have discovered a security vulnerability in the Pari application, website, or infrastructure, please report it to us immediately by emailing security@pariapp.com.

 

Please include:

  1. A detailed description of the vulnerability.

  2. Step-by-step instructions to reproduce the issue (or a proof-of-concept script/screenshot).

  3. The potential impact of the vulnerability.

 

We ask that you give us a reasonable amount of time to investigate and remediate the issue before making any information public, and that you do not attempt to access, modify, or exfiltrate any actual user data during your research.

bottom of page