Fortmatic Completes SOC 2 Audit — Our Commitment to Trust

Sean Li
Sean Li
Jul 3, 2019 · 2 min read
Image for post
Image for post

After months of incredible hard-work by our security team, we’re proud to announce that Fortmatic has successfully completed it’s SOC 2 Type 1 security audit performed by A-LIGN — making us the world’s first web3 authentication provider to demonstrate this level of security compliance in safeguarding user funds and data.

Fortmatic strives to bring forth mainstream adoption to web3 decentralized applications by eliminating the need for users to install any 3rd party software or write down recovery seed phrases before even getting started, and instead let them access and spend cryptocurrency with these applications using their phone number and PIN code — web 2.0 style. Doing this would require a huge commitment from Fortmatic to trust and security. On top of air-tight security architecture, we’ve also developed intensive processes and diligence around confidentiality, risk mitigation, and business continuity — all enforced by the criteria of SOC 2 audits.

SOC 2 audits are not new to the crypto ecosystem. It’s, in fact, a rigorous security compliance standard which has been adopted by industry leaders such as Gemini, Coinbase, and BitGo. On top of completing our SOC 2 audit, we also conduct regular white-box and black-box penetration tests, integrated with PhishFort to fight against phishing attacks, and moving forward with preparing for our SOC 2 Type 2 audit to further validate our security controls.

We’re still a startup, and we’re working around the clock to ensure we both deliver quality products, AND to build and communicate trust with users and developers. We’re kicking off the process with this SOC 2 announcement, and will be sharing more content in the upcoming articles such as our security architecture.

If you would like to report a vulnerability or have a security concern regarding our user-facing and developer-related services, SDK, API, infrastructure, and architecture, etc., please e-mail security@fortmatic.com

If you are interested in learning more about Fortmatic and integrating with us, make sure to join us in our Discord channel or tag us on Twitter!

Fortmatic

Auth is simpler on the blockchain.

Sean Li

Written by

Sean Li

ceo @magic_labs @fortmatic | ex-@docker @kitematic | @uwaterloo alumni

Fortmatic

Fortmatic

Auth is simpler on the blockchain. Let users access your Ethereum app from anywhere. No more browser extensions and seed phrases.

Sean Li

Written by

Sean Li

ceo @magic_labs @fortmatic | ex-@docker @kitematic | @uwaterloo alumni

Fortmatic

Fortmatic

Auth is simpler on the blockchain. Let users access your Ethereum app from anywhere. No more browser extensions and seed phrases.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store