Serious about Security

Olumo's approach to security is designed to protect both you and your employees or customers. We monitor usage, we continuously innovate in preventing malicious users, and we protect your data like our business depends on it—because it does. We adhere to industry-leading standards to manage our network, secure our web and client applications, and set policies across our organization.

Encryption and Monitoring

Every interaction with Olumo is completed over a secure connection. We monitor interactions daily to make sure only permitted users are accessing your information.

Olumo uses our algoritms to spot and freeze malicious or suspicious activity.

PCI Compliant

Card-processing systems adhere to the PCI Data Security Standard (PCI-DSS).

Getting stronger as we grow

We’ve designed Olumo to grow stronger the more people interact. The better data set we have to analyze, the smarter our anti-fraud algorithms become. Think of it this way: if cars on a highway drove by only occasionally, it’d be tough to distinguish the ones speeding from the ones travelling within the limit. But on a crowded highway, it’s easy to spot the reckless driver weaving in and out of traffic. Likewise, more Olumo customers allow our proprietary systems to spot the bad guys easily.

Secure network, servers, and data

Olumo's servers are housed in a secure facility monitored around the clock.

  • Card processing adheres to PCI Data Security Standards
  • Data is encrypted at rest
  • Security settings of applications and devices are tuned to ensure appropriate levels of protection
  • We run on AWS and Heroku
  • Data is backed up regularly

Secure organization from top to bottom

Olumo mandates that employees act in accordance with security policies designed to keep applications safe.

  • Olumo requires sensitve data to be encrypted
  • Olumo limits access to application code to internal employees.
  • Two-factor authentication and strong password controls are required for administrative access to systems.
  • Security systems and processes are tested on an ongoing basis by qualified external teams.
  • Security policies and procedures are carefully documented and reviewed on a regular basis.
  • Detailed incident report plans have been prepared to ensure proper protection of data in an emergency.

If you believe you have discovered a vulnerability or you have any security issues with your account, please report it to