On-chain settlement, managed keys by default
Settlement happens on-chain. Payments and payouts move directly through the underlying networks (Stellar, Visa Direct, ACH, MoneyGram, etc.) from payer to your settlement destination — the funds never sit on a Useroutr balance sheet.
By default, Useroutr provisions and manages a Stellar settlement wallet on your behalf so you can accept payments from day one. The private key for that wallet is encrypted at rest under a KEK held in a managed secrets store, used only to forward funds to you. You can withdraw the balance to a wallet you control at any time, and you can upgrade to a self-custody settlement wallet (passkey or bring-your-own) whenever you choose.
Funds and payouts still move directly via the underlying networks (Stellar, Visa Direct, ACH, MoneyGram, etc.) — Useroutr is the orchestrator, not the destination. Our infrastructure routes, observes, and reconciles — it does not hold balances.
This architecture reduces the blast radius of any compromise: there’s no honey pot of customer funds at Useroutr to steal.
Encryption in transit & at rest
- All traffic between your systems and Useroutr is protected with TLS 1.3 and modern cipher suites. HTTP-only endpoints are rejected.
- Data at rest in our primary databases and object storage is encrypted with AES-256, with keys managed in AWS KMS and rotated annually.
- Sensitive fields (API secrets, signing keys, KYB documents) are additionally encrypted at the application layer with envelope encryption.
Access controls
Engineer access to production systems is granted on a least-privilege basis, requires hardware-key MFA, and is audited via SSH/console session logs. Production secrets are never stored on developer laptops.
Internal access changes whenever an employee’s role changes or they leave the company. Quarterly access reviews are run by our security team and signed off by the relevant manager.
Audits & certifications
Useroutr is currently completing its SOC 2 Type II audit. Until the report is available, customers under NDA can request the observation period and any control summaries from our security team.
Annual third-party penetration tests of our application and infrastructure are conducted by an independent firm. Executive summaries are available on request.
Network & infrastructure
The Useroutr platform runs on AWS in geographically separated regions with multi-AZ failover for stateful services. Traffic is fronted by a WAF that rate-limits and filters common attack patterns.
Background jobs, webhook delivery, and reconciliation run in private subnets without inbound public access. Egress is restricted to allow-listed payment networks and core service dependencies.
Vulnerability disclosure
We welcome reports from independent researchers. If you believe you’ve found a vulnerability in the Useroutr platform, email security@useroutr.com with the details. We will acknowledge within one business day and work with you in good faith to triage and remediate.
We do not currently operate a paid bug bounty program but we maintain a public hall of fame for verified reports.
Incident response
Useroutr maintains a documented incident-response plan covering detection, containment, eradication, recovery, and post-incident review. We will notify affected customers without undue delay when a confirmed incident materially impacts the security or availability of the Services.