1.Security Principles#
TrustEcho takes a layered approach to security. Our principles guide how the platform is designed, operated and maintained, from the infrastructure that powers transactions to the controls that govern internal access.
These principles apply across every part of the service and shape the practices described in the sections below.
2.Platform Security#
TrustEcho operates on modern cloud infrastructure using secure configuration, controlled access and ongoing platform monitoring.
Production systems are hardened, regularly updated and isolated from development environments. Configuration changes follow controlled processes designed to reduce the risk of misconfiguration or unintended exposure.
3.Data Protection#
Personal information is collected only where necessary, processed securely and handled in accordance with our Privacy Policy.
Data handling practices are reviewed regularly to ensure information is retained only for as long as it is needed for the purposes it was collected.
4.Encryption#
Encryption in Transit
All communication between users and TrustEcho is encrypted using modern TLS protocols.
Encryption at Rest
Sensitive platform data is protected using industry-standard encryption.
Security is built into every transaction.
TrustEcho combines verified participants, secure payment controls and documented accountability to protect buyers, sellers and service providers before, during and after every transaction.
5.Identity Verification#
Participants are verified before joining a transaction. Verification helps reduce fraud before transactions begin by ensuring both sides know who they are dealing with.
Verified identity is a foundational requirement for participating on the platform and supports the accountability features that follow.
6.Fraud Prevention#
TrustEcho applies layered protection against fraud, including:
- Verified participants on both sides of a transaction
- Documented agreements that clarify expectations upfront
- Two-party confirmations before money changes hands
- Shared transaction records visible to both parties
Together these controls reduce the conditions in which fraud typically occurs and give both parties a clear record if a dispute arises.
7.Monitoring & Access Control#
Platform access is restricted using role-based permissions. Internal access is granted on a least-privilege basis and reviewed regularly.
Access to production systems is logged, and unusual activity may be reviewed to protect users and maintain the integrity of the platform.
8.Responsible Disclosure#
We welcome reports from security researchers and the wider community.
If you believe you have identified a security vulnerability, please contact support@trustecho.com.au. TrustEcho investigates responsible disclosures promptly.
9.Contact#
Need to report a security issue?