FaiceTech's platform is designed around layered security controls, including secure authentication, tenant isolation, scoped access, auditability, monitoring and supplier assurance. These controls are intended to protect sensitive operational data while supporting accountable use by authorised users.
Security is built into the platform at every layer — from how users log in to how services talk to each other.
FaiceTech supports modern authentication controls, including passkey-based access. Users can register and manage passkeys, supporting a more secure login experience and reducing reliance on traditional passwords. Access is designed around role-based permissions and least-privilege principles, so users only access the functionality and data needed for their role.
FaiceTech's platform is designed around tenant isolation and access controls so that users access only the data and functionality associated with their organisation and role. This is an important part of protecting customer data, maintaining separation between deployments and preventing unauthorised cross-tenant access.
Devices and integrations are designed to communicate with the platform through authenticated and controlled request flows. This supports secure onboarding and helps protect against unauthorised data submission. FaiceTech does not publish detailed implementation patterns for device authentication, request signing or internal service communication in public materials, but these controls form part of the platform's security architecture.
Platform services are designed with scoped access, limiting the network, database and storage access required for each component to perform its role. This reduces unnecessary exposure, supports separation of responsibilities and helps minimise the impact of a compromised or misconfigured component.
FaiceTech uses monitoring and telemetry to support secure platform operation, including operational monitoring, fault detection, security event investigation, performance analysis and availability monitoring. Monitoring forms part of FaiceTech's broader approach to breach detection, operational reliability and security review.
FaiceTech's platform is supported by cloud infrastructure providers that maintain recognised security and compliance assurances. Our core infrastructure provider, DigitalOcean, states compliance with SOC 2 Type II, ISO/IEC 27001, ISO/IEC 27017 and ISO/IEC 27018. FaiceTech uses these supplier assurances as supporting evidence within its own vendor risk management, contractual safeguards and operational controls.
Yes. FaiceTech supports passkey-based access, allowing users to register and manage passkeys for login.
The platform is designed around tenant isolation and access controls, so users access only the data and functionality associated with their organisation and role.
FaiceTech is not currently presenting itself as SOC 2 certified. However, FaiceTech's core platform is hosted on DigitalOcean infrastructure, which maintains SOC 2 Type II assurance. This forms part of FaiceTech's supplier assurance and risk-based governance approach.
Administrative, governance and operational actions are designed to be traceable and reviewable, supporting accountability, investigations and compliance review.