Trust Centre

Security controls

Infrastructure security, encryption, access control, fraud detection, and vulnerability management.

OverviewCompliance & certsSecurity controlsWORM ledgerSLA & uptimeDeveloper protectionsEnterprise security
🔒 Infrastructure security
☁️
Cloud infrastructure
Vercel Edge Network, primary region eu-west-2 (London). 40+ CDN nodes. Automatic DDoS protection.
🔑
Encryption
AES-256 at rest. TLS 1.3 in transit. API keys SHA-256 hashed before storage. Never stored in plaintext.
🛡
Fraud detection
8-signal real-time scoring on every financial action. IP blacklisting, velocity checks, amount ratios, account age. Sub-100ms response.
📋
WORM audit trail
SHA-256 sealed on every financial transaction. Write-once, no expiry, publicly verifiable.
🔐
Access control
API key auth on all protected routes. Admin restricted to approved key prefixes. RBAC five roles. SAML SSO for enterprise.
🔍 Vulnerability management
Dependency scanning — Automated on every pull request. Critical CVEs block deployment.
Penetration testing — Annual third-party test. Summary available to enterprise customers on request.
Responsible disclosure — Report to trust@forcedream.ai. Acknowledged within 24 hours. Critical issues remediated within 72 hours.
Patch management — Critical CVEs patched within 24 hours. Others applied at next maintenance window.
Report a vulnerability Certifications