At River, earning - and keeping - your trust is of the utmost importance. So we take a no compromise approach to data security, with multiple measures to ensure the security and protection of your data.
All data is transmitted with encryption-in-transit using HTTPS or similar protocols. All data is securely stored with encryption-at-rest using AES-256 or higher standards. Within databases, we also leverage in-field encryption to protect particularly sensitive data.
River uses tokenization to protect sensitive information (personal information, card data, etc.) by replacing it with a secure surrogate id, called a token. That way, we only store that token, and not your actual data, making sure your information is always safe.
We work with the best third-party cybersecurity experts to conduct regular penetration testing to ensure there are no vulnerabilities in our infrastructure and audits to ensure our defenses remain stable.
We comply with federal “Know Your Customer” standards and require all customers to verify their identity before conducting any transactions on River.
When we work with third parties to help provide services to you, we select leading partners who have adopted equally stringent security protocols. Learn about some of our key partners: Plaid, Modern Treasury, and Hydrogen.
River requires multi-factor authentication on all accounts as an additional layer of security to prevent access from an unauthorized third party.