At Slash, we take security extremely seriously. We use a number of security measures and tools to keep your personal information safe. For example, we use Plaid to manage all bank connections and VGS to store sensitive information. All data is encrypted both in transit and at rest, and we frequently rotate encryption keys.
When we need to perform identity checks, the information you provide us is encrypted both in transit and at rest. We use an API called VGS to store sensitive information. VGS allows us to substitute non-sensitive aliases for original values. While this data is in transit, it is encrypted with TLS/SSL. For the non-sensitive personal identifiable information that is actually stored in our database (name and email), we use the AES-256 protocol for encryption-at-rest, and frequently rotate the keys that could be used to read the data stored in our database.
It's important to note that your SSN is never stored on our servers. It is only relayed to our KYC provider, Persona, and then stored in a secure vault managed by VGS. We collect your SSN because by creating a Slash account, you are opening a bank account with us through our partner bank. We are required by the Financial Industry Regulatory Authority (FINRA) — specifically rule 2090 — to verify your identity. We do this with the help of our KYC partner, Persona, who cross-references the information you provide us with national databases to verify its validity. Persona is a multi-billion dollar company used by the world's leading fintech companies.
All bank connections are managed through Plaid, an API used by Coinbase, Robinhood, Truebill, and Venmo. Plaid uses 256-bit bank-grade SSL encryption and does not relay your login credentials to us or any of their clients under any circumstance.
For more in depth information, contact our support team here - we are standing by to help.