Security Commitments

Rise protects user data with encryption at rest and in transit, ensuring sensitive information such as personal details and financial records remains secure from unauthorized access.

All system and data access is governed by the principle of least privilege, supported by multi-factor authentication (MFA) wherever possible. Only the personnel who need specific data to do their jobs can access it, and we regularly review and revoke unneeded permissions.

• Rise deploys monitoring solutions to detect unusual system or application behaviors. Any potential threat triggers automated alerts for our security team.
• An incident response plan is in place, detailing how to contain and remediate breaches swiftly, and how to communicate with affected parties if necessary.

• Blink's applications are developed with secure coding practices and undergo periodic penetration testing to identify and remediate vulnerabilities.
• Our systems are hosted in a secure cloud environment, allowing us to scale as needed while maintaining strict security standards.

• Rise monitors and aligns with applicable state and federal regulations—especially critical for small-dollar lending.
• Where relevant, we leverage industry best practices, including frameworks such as ISO 27001, NIST SP 800-53, and SOC 2 guidelines, to structure our security and compliance efforts.