Security at Penta: How We Protect Your Business Account
Table of contents
When people talk about secure banking, they are no longer talking about the safe in the bank branch, but rather about the security of bank accounts. And in the digital realm, these are protected using a combination of cybersecurity and a number of other elements to keep you safe from potential fraud or money loss. At Penta, security is one of the key topics.
5D Security: Penta’s Security System Includes Five Levels of Security
To best protect your Penta digital business account and ensure that your money is completely safe with Penta and our banking partner, Solarisbank, we follow an approach called 5D Security, which includes the following five layers of security:
- Platform stability
- Security features
- Online payments security
- Offline payments security (bank card security)
Penta’s Security and Fraud Control Features
Security starts with the basic features of an account that you can use to protect your money from fraudsters. What are the most important features for your security?
TAN Authentication for Transactions
When you initiate a transfer from your Penta business account, you must enter a confirmation code that is sent to you via SMS. The so-called TAN stands for transaction authentication number. Using a mobile TAN allows us to ensure that no one but you can send a payment from your account. Alternatively, you can confirm payments via push message through the Penta app if you have enabled device binding between your Penta account and your smartphone.
Additional Security for Online Card Payments via 3D-Secure
You also stay secure when making online purchases using your Penta card. The 3D-Secure procedure ensures that you actually wanted to make an online card payment. Here, the so-called two-factor authentication is used, in which your identity is queried by two independent factors. These can be a password, a fingerprint via Touch ID, a mobileTAN or confirmation of a push notification in the Penta app.
Customized Account Permissions
In your Penta business account you can assign customized permissions to each account user. This way, only authorized people can make transfers from your bank account, perform accounting tasks, view or prepare certain transactions—depending on your settings.
You can allow other users to make payments or receive employee cards on behalf of your company. You can let your employees and tax advisors prepare the transactions, but allow only one person in the company to approve them, for example.
Customized Spending Limits
For each Penta card, you can set a customized spending limit of up to 25,000 Euro per month for offline purchases and a maximum of 40,000 Euro for online purchases.
Notifications for a Better Overview
It’s always good to know what’s happening with your business money, isn’t it? That’s why you can enable certain notifications that you will then receive, for example, as a push notification on your smartphone for transactions made through your business account.
To make sure that this extra layer of security is really helpful, we let you decide which notifications you want to receive.
Simple Card Blocking
Imagine coming to the office on Monday morning and not being able to find your Penta card. Maybe you left it at home? Has it been stolen? Whatever it is, with Penta you have no reason to worry because you can instantly block the Penta card linked to your digital business account.
If you find the card, you can unblock it immediately and continue using it as usual. If you think you’ve lost it, you can easily order a replacement card from the Penta dashboard.
The Design of the Penta Card
Many of our customers love the Penta VISA card for its extraordinary design. However, few know that this design also provides more security. With the card number on the back displayed in a smaller font size, theft of your card details is not as easy as with many other cards.
Digital banking for your business
The Penta Platform: Safety and Stability
One of the key elements we focus on when building our banking interface at Penta is the security. To make sure your money is secure at all times, we do professional penetration audits on a regular basis using a range of different tests—from black box testing to grey and white box testing. It’s also important to note that our tech team combined has over 30 years of experience in cybersecurity.
Another key element of cybersecurity is protecting sensitive data—e.g. your email or password. To do that, we use security TLS-certificates that ensure traffic encryption and use advanced encryption for all the sensitive data items. Your transactions data will also be TLS-encrypted between our app and our integration partners.
Have you ever had an issue with your traditional bank’s online banking being unavailable? We did as well and that’s why we built Penta differently.
To make sure you always have access to your online banking and experience as little bugs as possible, we run a wide variety of manual and automated tests before each release of new features. The tests are run on different levels—for example, we do unit, build, API, and UI-level tests for each feature we add. This overall process is called Quality Assurance and is done by certified QA specialists.
Unlike many other companies, we maintain a very high ratio of quality assurance specialists to developers: 1 QA specialist per 1.5 developers vs the industry average of 1 QA specialist for every 5 developers. Thus, we allocate a lot more time and investments towards testing efforts compared to other fintech companies. All of this is done to make sure you have a pleasant and bug-free experience with Penta.
Your money is held by Solarisbank, which has a European full banking license. Solarisbank is a member of the Deposit Guarantee Fund of the Federal Association of German Banks under the supervision of BaFin and the European Central Bank (ECB). The balance on your Penta account is covered by the Deposit Guarantee Fund under EU directives up to 100,000 Euro.
At Penta, we are committed to protecting your personal information and ensuring that you have full control over how it is used. Penta and all of our integration partners are fully compliant with the new EU General Data Protection Regulation (GDPR). In cooperation with our banking partner Solarisbank, we have adapted our terms of the contract.