Paythos is an accounts-payable workflow platform, and security is its foundation. Every payable is checked, every action is recorded, and every payout account is verified before money moves.
TLS 1.3 in transit
All data in transit is encrypted end-to-end.
AES-256 at rest
Database and file storage encrypted at the block level.
Encrypted secrets
API keys and credentials stored in a secrets manager, never in code.
Role-based access (RBAC)
Admin, approver, and viewer roles with fine-grained permissions.
Multi-factor authentication
MFA enforced for all team accounts.
Session management
Short-lived JWTs with automatic refresh and revocation.
SOC 2 Type II hosting
Hosted on infrastructure with SOC 2 and ISO 27001 certifications.
Isolated environments
Production, staging, and development environments fully separated.
Automated backups
Daily encrypted backups with point-in-time recovery.
Row-level security
RLS enforces organisation-level data isolation at the database layer.
Idempotent payments
Unique idempotency keys prevent duplicate payment submissions.
Bank-detail change protection
Vendor payout changes are held for verification before any payment is released.
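As an added illustration of the two controls just listed (idempotency keys and the bank-detail change hold), here is a small Python service that is not Paythos code; the class and function names, the in-memory stores and the sample account strings are all assumptions made for this example. A retried submission with the same key returns the original outcome instead of paying again, and a payment to a vendor whose payout account change is still unverified is held until someone verifies the change.

```python
"""Added example (not Paythos code): idempotent payment submission plus a hold on
payments to vendors with an unverified payout-account change. All names, data
structures and sample values are assumptions made for illustration."""
from dataclasses import dataclass
from datetime import datetime, timezone
from itertools import count
from typing import Optional


@dataclass
class Vendor:
    vendor_id: str
    payout_account: str
    pending_account: Optional[str] = None  # unverified bank-detail change, if any

    def request_account_change(self, new_account: str) -> None:
        # The change is recorded but NOT applied until verified.
        self.pending_account = new_account

    def has_unverified_change(self) -> bool:
        return self.pending_account is not None


@dataclass
class PaymentResult:
    status: str                 # "paid" or "held"
    payment_id: Optional[str]   # None when nothing was paid
    reason: str = ""


class PaymentService:
    def __init__(self) -> None:
        self._by_key: dict[str, PaymentResult] = {}  # idempotency key -> first outcome
        self._audit: list[dict] = []                  # append-only event list
        self._paid_total = 0
        self._ids = count(1)

    def _log(self, actor: str, action: str, **context) -> None:
        # Every action carries actor, timestamp and context, as the page describes.
        self._audit.append({"actor": actor, "action": action,
                            "at": datetime.now(timezone.utc).isoformat(), **context})

    def submit(self, actor: str, vendor: Vendor, amount_cents: int,
               idempotency_key: str) -> PaymentResult:
        # 1. Idempotency: a retry with the same key gets the original outcome back
        #    and never moves money a second time (the key is chosen by the caller).
        if idempotency_key in self._by_key:
            first = self._by_key[idempotency_key]
            self._log(actor, "replay", key=idempotency_key, original_status=first.status)
            return first

        # 2. Change hold: no payment while a payout-account change awaits verification.
        if vendor.has_unverified_change():
            result = PaymentResult("held", None, "payout account change pending verification")
        else:
            result = PaymentResult("paid", f"pay_{next(self._ids):06d}")
            self._paid_total += amount_cents

        # Record the outcome under the key so later retries replay it.
        self._by_key[idempotency_key] = result
        self._log(actor, "pay" if result.status == "paid" else "hold",
                  key=idempotency_key, vendor=vendor.vendor_id,
                  amount_cents=amount_cents, status=result.status)
        return result

    def verify_change(self, actor: str, vendor: Vendor) -> None:
        # Applying the new account is a separate, logged action by a verifier.
        if vendor.pending_account is None:
            return
        old, new = vendor.payout_account, vendor.pending_account
        vendor.payout_account, vendor.pending_account = new, None
        self._log(actor, "verify_change", vendor=vendor.vendor_id,
                  old_account=old, new_account=new)

    def paid_total(self) -> int:
        return self._paid_total

    def audit_log(self) -> tuple:
        # Hand out a copy so callers cannot edit or delete recorded events.
        return tuple(dict(e) for e in self._audit)


if __name__ == "__main__":
    svc = PaymentService()
    acme = Vendor("vendor-acme", "ACCT-OLD-0001")   # constructed sample data
    print(svc.submit("alice", acme, 10_000, "inv-42"))  # paid once
    print(svc.submit("alice", acme, 10_000, "inv-42"))  # same outcome, no second payment
    acme.request_account_change("ACCT-NEW-0002")
    print(svc.submit("alice", acme, 5_000, "inv-43"))   # held
    svc.verify_change("bob", acme)
    print(svc.submit("alice", acme, 5_000, "inv-44"))   # paid after verification
    for event in svc.audit_log():
        print(event)
```

Note that a held submission also consumes its key: after the change is verified, the caller submits again under a fresh key, which keeps "the same key always yields the same answer" simple to reason about. A real system would persist the key store and audit log durably rather than in memory.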
Immutable audit log
Every action (approve, reject, route, pay) is logged with actor, timestamp, and context.
AI anomaly detection
The risk engine flags duplicates and unusual patterns before payments are authorised.
Real-time alerting
Security-relevant events trigger immediate in-app notifications.
Found a vulnerability? We take security reports seriously. Please disclose responsibly and we will work with you to address the issue quickly.
Report a vulnerability