Skip to main content

Trust at Azupay

At Azupay, trust is the cornerstone of everything we do. We understand that your confidence in our services is paramount, and we are committed to upholding the highest standards of integrity, security, and reliability. Our commitment to trust is reflected in our core values and the rigorous measures we take to protect your information.

Our Values

Pioneering: As leaders in the industry, we continuously push the boundaries of innovation to provide you with cutting-edge payment solutions. We are dedicated to staying ahead of the curve, ensuring that our technology not only meets but exceeds your expectations.

Diligent: We take our responsibility seriously. Every detail matters, and we are meticulous in our efforts to safeguard your data and provide you with exceptional service. Our diligence ensures that we maintain the highest standards in everything we do.

Reliable: You can count on Azupay to deliver consistent, dependable service. We understand the importance of reliability in payments, and we work tirelessly to ensure that our systems are always available and performing at their best.

Considerate: We value our customers and partners, and we are committed to building lasting relationships based on mutual respect and understanding. We take the time to listen, and we are always here to support you.

Collaborative: At Azupay, we believe that the best solutions come from working together. We foster a culture of collaboration, both within our team and with our customers, to create solutions that truly meet your needs. If you have specific security needs or features, we can work with you on addressing them.

Security and Compliance

SOC2 Type II Accredited

At Azupay, your security is our top priority. We are proud to be SOC 2 Type 2 certified, a testament to our dedication to maintaining the highest levels of security, availability, processing integrity, confidentiality, and privacy. This certification demonstrates our commitment to protecting your data and ensuring that our systems are secure and trustworthy, and covers independent audit of both the design and operating effectiveness of security controls relevant to security, availability, processing integrity, confidentiality and privacy of our systems. Our SOC2 Type 2 report can be requested during client onboarding and as part of annual supply chain risk reviews by clients.

In addition, our information security management system is aligned with NIST 2.0 standards. This alignment ensures that we are following best practices in managing and protecting your information, including risk management, incident response, and continuous monitoring. You can trust that your data is in safe hands with Azupay.

Building Trust, Every Day

Trust is not just a one-time achievement; it is something we work to earn every day. We are committed to transparency, accountability, and continuous improvement in all aspects of our business. When you choose Azupay, you are choosing a partner who values your trust and is dedicated to upholding it.

Our Security Program

Azupay has a comprehensive security program and takes a security-in-depth approach to making payments safer across all areas of our business.

Industry Best Practice Aligned

  • We complete annual SOC2 Type 2 organisational certification, which provides external assurance of our security posture, and conduct regular penetration testing by leading national security vendors.
  • Azupay utilises industry standard frameworks to maintain its security posture, information security management systems aligned with NIST CSF and ISO27001.

Data Encryption & Cryptography

  • All at rest and in transit data is encrypted using industry standard cryptography. Cryptography used includes AES encryption for at rest data protection, and all in-transit traffic is TLS 1.2+ encrypted.
  • We enforce strong authentication  and authorisation on APIs, and have additional controls such as IP Whitelisting, platform SSO and HMAC signing available for clients with enterprise level security needs.
  • All cryptographic material is generated via tamper resistant FIPS 140-2 L3 compliant cryptographic hardware security module (HSM) based key management systems used for key material management.

Modern Platform Security

  • All cloud hosting environments are ISO27001, SOC1 & SOC2 certified.
  • We utilise comprehensive security controls via XDR, SIEM, ID, Preventative, Detective and other controls using cloud native tooling, and have 24/7/365 managed detection and response capabilities.
  • Real time intrusion detection and event alerting across all environments with hardened logging infrastructure.
  • Hardening standards are adopted to ensure cloud security best practices against CIS and NIST frameworks.

Secure Development Lifecycle

  • Azupay follows industry standard secure software engineering practices, including pair programming, and comprehensive unit and regression test coverage as well as other DevOps practices.
  • Our code pipelines run application security testing on a continuous basis to identify code and quality issues.
  • We have security controls in place to manage the supply chain risk and security of our deployment pipelines.

Identity and Endpoint Practices

  • All platforms and identifies are secured by multi-factor authentication and strong password management practices for all users. We implement conditional access policies, zero trust networking practices, and we monitor for anomalous end user behaviour.
  • IAM least privilege access and separation of duties used to further secure environments.
  • All endpoints are enrolled in mobile device management software and run managed detection and response and antivirus software with advanced intrusion detection capabilities.
  • We implement stringent data loss prevention tooling to minimise the risk of endpoint or identity based security events.
  • All staff complete regular security training relevant to their job duties.