We take security and data privacy very seriously.

Keeping our clients' data secure is an absolute top priority at Novel. Our goal is to provide a secure environment, while also being mindful of application performance and the overall user experience.
security compliance playbook

SOC2 Compliant

Security and trust are integral at Novel. We have achieved audit certification for Service Organization Controls (SOC 2) Trust Services Principles, focused on security. Our continued SOC 2 certification ensures our organizational and technology controls are independently audited at least annually. Please contact sales@trynovel.com for Novel's latest report.

End-To-End Security

Novel is hosted entirely on Amazon Web Services (AWS), providing end-to-end security and privacy features built in. Our team takes additional proactive measures to ensure a secure infrastructure environment. For additional, more specific details regarding AWS security, please refer to https://aws.amazon.com/security/.

Application

Control user access and permissions
2 factor Auth using Time Based One Time Password (TOTP) required for all sign ins
Immutable audit log to capture user interactions with payments

System

SOC 2 Type II audited
All data encrypted in transit (TLS 1.2) and at rest (AES-256-GCM)
Infrastructure is hosted in AWS with SOC2 certifications
Constant internal and weekly external vulnerability scanning
Application logs record employee access to customer data

Company

100% of our employees complete security training
100% of our employees undergo mandatory background checks
Physical security keys are required for login to internal and external services

Bug Bounty Program

Novel operates a bug bounty program through Federacy. If you believe you have found a vulnerability or would like to participate in our rewards program please submit your report through Federacy. There you will also find our formal Vulnerability Disclosure Policy and bounty rewards.
Learn more