Security Architecture
Linora's security model is built on the principle of defense in depth. Multiple independent security layers protect your transactions and data, ensuring that no single point of failure can compromise the system.
Encryption
All data in transit is protected by TLS 1.3 with 256-bit encryption. Data at rest is encrypted using AES-256-GCM. Encryption keys are rotated on a regular schedule and stored in hardware security modules (HSMs).
Non-Custodial Architecture
Linora operates on a non-custodial model. We never hold, store, or have access to your funds. Exchange transactions are processed through secure, automated pipelines that transfer value directly between counterparties.
Card-Level Controls
Each virtual card issued through Linora can be restricted to specific payment flows and merchant categories. This prevents unauthorized transactions even if card details are compromised.
- Merchant restrictions -- Limit card usage to specific merchant categories.
- Transaction limits -- Set per-transaction and daily spending limits.
- Geographic controls -- Restrict usage to specific regions or countries.
- Single-use cards -- Issue cards that deactivate after one transaction.
Infrastructure Security
- DDoS protection -- Enterprise-grade mitigation across all endpoints.
- WAF -- Web Application Firewall with custom rulesets for financial services.
- Continuous monitoring -- 24/7 automated threat detection and response.
- Penetration testing -- Regular third-party security assessments.
- Incident response -- Defined procedures for rapid containment and recovery.
Responsible Disclosure
If you discover a security vulnerability in Linora's systems, we encourage responsible disclosure. Please contact our security team through the contact page. We do not pursue legal action against researchers who report vulnerabilities in good faith.