Skip to content

Bumped prioritizes security

We consider data security a number 1 priority not just because we have to as a regulated entity, but because it’s the right thing to do. We have multiple annual audits by objective entities to ensure we’re always up to date.

Bumped considers data security a number 1 priority


Security, data encryption, and reliability are core to everything we do.

The entire Bumped team — including Bumped Financial, LLC, member FINRA, SIPC—is dedicated to best practices in security and committed to protecting everyone we work with.

We built our platform with security in mind, employing best-in-class technology to meet or exceed industry standards.

All data communicated between customers and the Bumped platform is encrypted in transit using modern Transport Layer Security (TLS) and strong ciphers. Customer data is secured throughout our platform by bank-grade encryption.

Our platform is architected for reliability and redundancy, ensuring that our systems remain highly available and accessible to customers and partners.

Bumped is a member of the Securities Investor Protection Corporation (SIPC). SIPC protects customer accounts up to $500,000 (including $250,000 cash).

SOC2 Type 2 Compliance

What is SOC 2 compliance?
Service Organization Control 2 (SOC2) is a component of the American Institute of CPAs (AICPA)’s Service Organization Control reporting platform. SOC 2 is a technical auditing process and certification that measures security and availability and serves as an assurance to customers that their data is being managed in a controlled and audited environment.

When a business is SOC 2 compliant, it signifies they implement and maintain proper security systems to ensure security, availability, processing integrity, confidentiality, and privacy of customer data.

SOC 2 compliance is essential for technology-based service organizations that store customer data in the cloud. This makes it applicable to most SaaS businesses, and any business that relies on the cloud to store its customers’ information.

There are two types of SOC 2 audits:

  • Type I: The report describes a vendor’s systems and whether their design is suitable to meet relevant trust principles.
  • Type II: The report details the operational effectiveness of those systems and includes a historical element that shows how controls were managed by a business over a minimum period of six months.
Bumped has been SOC2 Type 2 compliant since March 2020 after achieving our SOC2 Type 1 status in September 2019, and completes annual audits to maintain this status.

Why is SOC 2 compliance important?
Meeting SOC 2 compliance means establishing processes and practices that ensure best practices oversight across a company, guaranteeing customers that their data is protected from any unusual, unauthorized, or suspicious activity.

To meet SOC 2 Type 2 requirements, a company must not only define their policies and procedures, but those are also tested and verified by auditors annually.

Having a SOC 2 badge on the Bumped website shows our dedication to keeping customer information private and secure. Bumped understands the need for customers to feel safe about their data, and it’s the reason why we are thrilled to feature this badge!

We work with brands and banks, too!

If you’re a brand, merchant, or financial institution ready to reward in ownership, let’s talk.

Contact Sales

Own what you love™

Follow us on FacebookFollow us on TwitterFollow us on LinkedInContact us through email

Security questions or concerns? Reach out to

© 2022 Bumped Inc. All rights reserved. Use the following links to access Bumped Financial LLC's Privacy Policy, Terms of Use, Customer Agreement, and other Legal Disclosures.