Security & Fraud Prevention
Overview
At NOAH, we prioritize the security of your digital assets and personal information. Our approach to fraud prevention and security is comprehensive, employing state-of-the-art technology and best practices to safeguard every customer interaction.
Security Measures
-
Multi-Party Computation System (MPC): For onchain transactions, we use a proven MPC system and a separate co-signer service, allowing only verified users to initiate transactions validated on the blockchain.
-
Data Scrubbing Techniques: We use data scrubbing to eliminate personally identifying information, assigning a unique UserID to each user for ledger transactions.
-
Quantum Ledger Database (QLDB): We leverage Amazon QLDB to provide a transparent, immutable, and cryptographically verifiable transaction log. This ensures full transparency and integrity of the transaction data, enhancing the trust and security in our system.
-
User Data Protection: Our commitment to data security ensures the protection of your digital assets and personal information.
-
Key Enclave: Our innovative Transaction Signing PIN service is designed to securely store and retrieve transaction signing information in an isolated environment, ensuring the utmost security.
Fraud Prevention Measures
- Advanced Monitoring: NOAH uses advanced transaction monitoring and behavioural analytics to detect and prevent fraud patterns, money laundering, and sophisticated scams.
- AML and Compliance Checks: In both the Reliance and Standard models, we use the KYC and identity data provided by customers to complete thorough Anti-Money Laundering (AML) and compliance checks, ensuring rigorous risk assessment.
PCI Compliance
NOAH's Hosted Checkout solution handles payment data using a PCI Compliant entity, businesses using this solution do not require PCI Licensing.
NOAH upholds the highest standards of payment security, demonstrating our commitment as a PCI SAQ A registered entity. All businesses which collect card information and are integrating with NOAH's payment solutions are required to comply with the Payment Card Industry Data Security Standards (PCI DSS).
NOAH's Tokenised Card Capture
When your customer's card details are captured using NOAH's Hosted Checkout solution, NOAH uses a PCI DSS compliant entity to tokenise this information when processing card payments. This means that NOAH does not store your customer's card information, instead we store a reference to the encrypted data which is relayed through a PCI DSS compliant entity for processing the customer's payments.
Capturing Your Customer's Card Data
Businesses that choose to capture their customers' card data directly through their applications must uphold their responsibilities to PCI compliance. For all instances where your business captures customer card data, your business must take the steps to validate its PCI compliance, ensuring you have attained PCI DSS certification and that it is reviewed on an annual basis.