Phzio's platform resides in Canada, hosted by Amazon Web Services (AWS), a premier public cloud infrastructure provider globally recognized for meeting rigorous compliance standards like PCI-DSS, HIPAA, HITECH, ISO 27001, and SOC framework through third-party validations.
Utilizing AES 256-bit encryption, Phzio ensures the security of stored data. Communication between your browser, applications, and our servers is encrypted, meeting at least TLS 1.2 standards. Phzio doesn't handle credit card information; instead, we rely on Stripe, a certified PCI-DSS Level 1 payment platform.
We conduct routine scans on our application and infrastructure to identify and address security vulnerabilities. Biannually, external penetration tests are conducted to fortify our system's resilience. Our Security Incident Response Team (SIRT) promptly investigates and addresses security events reported by internal and external sources. Should you identify a security issue with our mobile application or website, refer to our vulnerability disclosure process below.
Enhancing your account's security, Phzio offers two-factor authentication and assists in creating robust passwords through our password strength estimator. You can also oversee your account's activity by reviewing activity logs accessible in your account settings.