{"platform":"Splitt.","security":{"encryption":{"status":"active","description":"All data encrypted in transit via TLS 1.2+ (HTTPS enforced)"},"payments":{"processor":"Stripe","certification":"PCI DSS Level 1","description":"Splitt never stores card numbers. All payment data is handled by Stripe, the world's leading payment processor."},"authentication":{"description":"User sessions secured via Supabase Auth with bcrypt password hashing and JWT tokens"},"data_protection":{"description":"Card details are tokenized by Stripe. Splitt only stores card brand and last 4 digits for display.","pii_handling":"Personal data is never logged or exposed in error messages"},"fraud_prevention":{"rate_limiting":"Active — protects against brute force and DDoS attacks","velocity_monitoring":"Active — suspicious activity is flagged in real time","two_phase_commit":"Active — all-or-nothing charges prevent partial billing"},"monitoring":{"error_tracking":"Sentry (real-time error alerting)","uptime":"Continuous health monitoring with automatic recovery"},"headers":{"hsts":"Strict-Transport-Security enforced","csp":"Content-Security-Policy active","xss_protection":"X-XSS-Protection enabled","clickjacking":"X-Frame-Options: DENY"}},"last_security_audit":"2026-03-07","contact":"security@paysplitt.com"}