A Service Organisation Control (SOC) 2 Type II Attestation is given after a successful audit of how a service provider handles sensitive information.
The audit ensures that Yubi meets the five Trust Service Principles (TSPs): security, privacy, availability, confidentiality, and processing integrity.
Yubi is also ISO 22301 (Business Continuity Management Systems), and ISO 27001 (Information Security Management Systems) certified.
Yubi, the world’s first unified credit platform for corporates and lenders, has become the first Indian fintech company to achieve the SOC 2 Type II attestation. Earning this attestation means that Yubi has been successfully audited by one of the ‘Big Four’ firms against the rigorous TSPs and implementation of controls in accordance with the international security and availability standards set by the American Institute of Certified Public Accountants (AICPA).
SOC 2 Type II Attestation by the AICPA was awarded to Yubi after a successful audit between July and December 2022
As a product-first and customer-first leader in the credit ecosystem, data has always been at the core of Yubi. Hence, it is imperative that the highest levels of data protection measures are undertaken to serve customers in their best interest and meet evolving regulatory guidelines. This achievement is a testament to Yubi’s commitment to security and privacy.
Commenting on the development, Araveinth Gopinath, Chief Information Security Officer, Yubi, said, “On our journey to deepen debt markets and provide access to capital to enterprises in India, at Yubi, we have made significant investments to enhance and build a highly secure infrastructure. We are proud and thrilled to have achieved the SOC 2 Type II attestation in record time. The extensive independent audit process confirms that our platform meets the highest security and privacy standards and gives our customers the confidence they need to trust our platform with their data.”
As a SOC 2 Type II compliant company, Yubi has achieved enterprise-grade security in the below domains:
Product security: Cloud (Virtualised) environment, source code protection, identity and access management.
Data security: Data processing agreements, backups & data redundancy, data encryption, availability (Business continuity).
Network security: Encrypted communications, protection from external attacks.
Application security: Secure coding, penetration testing, automated code security checks, continuous assessments.
Business Security: Background checks, confidentiality, security awareness training, breach notifications.
Physical security: Visitor management, 24-hour office surveillance, and more.
Yubi already has ISO 22301 (Business Continuity Management Systems) and ISO 27001 (Information Security Management Systems) to its credit. The company has also successfully implemented Zero Trust Architecture, Open Extended Detection and Response (XDR) integration (NG-SIEM, NDR & SOAR(1)) for Security Operations, Aadhaar Vault for UIDAI compliance, Endpoint Detection and Response (EDR), and many more such controls to promote the highest level of data privacy and security.
(1)Next-Generation Security Information and Event Management (NG-SIEM), Network Detection and Response (NDR), Security Orchestration, Automation and Response (SOAR)
Established in 2020 by Founder and CEO Gaurav Kumar, Yubi is the world’s first unified credit platform powering the discovery, execution and fulfilment of credit. The platform comprises a digital debt marketplace and a sophisticated technology stack, which seamlessly power the end-to-end debt lifecycle from origination to collections. Its one-of-a-kind product suite (Yubi Loans, Yubi Co.Lend, Yubi Invest, Yubi Flow, Yubi Pools, and Yubi Build) offers loans, co-lending, corporate bond issuance, supply chain financing, asset-backed securitisation and RE & Infra financing to build a holistic digital credit ecosystem.
To know more, visit www.go-yubi.com.