What security measures does North Capital take to protect investor data?

North Capital has several layers of protection to ensure that all personal information is secure.

SSL
- API Methods and external services can only be accessed over SSL
IP Address Whitelisting
- Portal access is granted only to approved IP addresses, and IP whitelisting can be enabled for all API functions
2-Factor Authentication
- Client portal access requires two-factor authentication (password + Google Authenticator code)
Expiring Passkeys
- Keys to access TAPI maintain expiration dates, which disables system access unless renewed
Encryption
- Used to protect all private data
API Lock
- Database can only be accessed through API functions
Audit Logs
- All API function calls are recorded in a searchable audit log