Security: PsiFiInc/.github

SECURITY.md

Security Policy

Reporting a Vulnerability

PsiFi takes the security of our platform and users seriously. If you discover a security vulnerability, please report it to us privately.

Contact

Email: security@psifi.app

What to Include

When reporting a vulnerability, please provide:

  1. A clear description of the vulnerability
  2. Steps to reproduce the issue
  3. The potential impact or severity
  4. Any proof-of-concept code (if applicable)
  5. Your recommendations for remediation (optional)

Our Commitment

  • Acknowledgment: We will acknowledge receipt of your report within 48 hours
  • Communication: We will keep you informed of our progress
  • Credit: With your permission, we will publicly credit you for the discovery once resolved
  • No Legal Action: We will not pursue legal action against security researchers who act in good faith

Response Timeline

Severity | Initial Response  | Target Resolution
Critical | 24 hours          | 7 days
High     | 48 hours          | 14 days
Medium   | 5 business days   | 30 days
Low      | 10 business days  | 90 days

Responsible Disclosure Guidelines

To qualify for responsible disclosure:

  • Do not access, modify, or delete data belonging to other users
  • Do not degrade the performance or availability of our services
  • Do not publicly disclose the vulnerability before we have resolved it
  • Do not use the vulnerability for financial gain beyond any bug bounty offered
  • Do provide us reasonable time to investigate and address the issue

Scope

In Scope

  • PsiFi for Individuals (my.psifi.app)
  • PsiFi for Business (portal.psifi.app)
  • PsiFi mobile applications (iOS and Android - coming soon)
  • PsiFi API endpoints
  • Authentication and authorization mechanisms
  • Payment and transaction processing
  • User data protection

Out of Scope

  • Social engineering attacks on PsiFi employees
  • Physical security of PsiFi offices
  • Denial of service attacks
  • Third-party services and applications
  • Issues already known or previously reported

Security Measures

PsiFi implements the following security measures:

  • End-to-end encryption for sensitive data
  • Non-custodial wallet architecture
  • Multi-factor authentication support
  • Regular third-party security audits
  • Compliance with financial regulations
  • Secure key management practices
