Security

Real-time purchase notifications

With the Brim app’s real-time push notifications, you’ll know the moment your card is used to make a purchase.

Never be left wondering if your card is being used for fraudulent activity elsewhere.

World-class security

Immediate fraud notification

We’ll notify you by email and SMS if we notice anything suspicious about your Brim card or account activity.

State-of-the-art data encryption

We ensure your sensitive data is protected with PCI-DSS compliance and 2048-bit SSL encryption.

Two-factor authentication (2FA)

We use an extra layer of security that prevents your identity from being stolen.

As a Fintech startup, we were in a unique position to build our entire security stack from the ground up. That meant we built the most robust infrastructure in the industry using the newest and most secure equipment, technology and intelligence to ensure your money and information are safe in our hands. At Brim Financial we hold ourselves and our infrastructure to the highest standards possible. We don’t just say bank-level security, we prove it.

Internal Security:

  • Brim applies PCI standards when handling any of our cardmembers’ information, such as personal details, card numbers and account data, and affiliated billing info.
  • Brim regularly reviews the logs of our entire stack interactions.

Software:

  • Brim consistently reviews all software and configuration changes for security, compliance, and performance implications prior to publishing new versions of our API or customer-facing platforms.
  • All of our applications interact with the same publicly available API.
  • Brim has a robust revision process in place to actively track and address any software patches.
  • External security experts audit our software for any susceptibility.
  • All customer data is stored encrypted at rest.

Network and Hardware:

  • Brim uses HSM hardware, which safeguards digital keys for robust authentication methods and provides cryptoprocessing.
  • We encrypt all network traffic and require TLS 1.2 with HSTS and forward secrecy for all network communications.
  • The entire Brim infrastructure stack undergoes intense reviews and penetration testing to ensure our security standards are upheld.
  • We segment our network so that each type of server is isolated from the others and no sensitive systems are exposed directly to each other or external forces.
  • Only servers that require internet access have it, and we restrict access between servers with both network-level and local firewall rules, along with software-level ACLs.
  • Development and Live environments are kept separate with independent networks and no shared infrastructure.

Disaster Recovery & Redundancy:

  • Our fully redundant infrastructure (software, hardware, and network) provides immediate local and remote disaster recovery, and we continuously test disaster recovery failure.
  • Audit trails and transaction logs enable us to recover data in the event of redundancy failure.
  • Offsite backups of all data are captured regularly and stored securely.