The Qaravan data center is in the continental US, near our offices just a few miles outside of Washington, DC. We have roots in the world of federal government IT contracting, so we have a unique appreciation for exceptionally conservative IT security standards.
Our website, application, and data warehouse all reside within a private, firewalled environment that is exclusive to Qaravan. This infrastructure is physically located within a modern, highly secure data center that conforms to the internationally recognized ISO/IEC 27001 security protocols.
It has recently been audited by PWC and given a "clean opinion" relative to internal control standards established by the American Institute of Certified Publick Accountants (AICPA).
With regards to personal financial information, no credit card information is ever seen or stored by Qaravan. This information is managed entirely by one of the nation’s most trusted payment gateways, Stripe, which maintains strict “air gapped” encryption key pairs, strong DSS storage protocols, and a Level 1 PCI Compliance rating (the highest in the industry).
For our web-based software, Qaravan’s first line of defense is similar to the banking industry’s “Know Your Customer” protocols—we make sure we’re serving real people who have responsible intentions. One way we screen out the bad guys is by requiring users to activate their trial through a corporate email accounts. We routinely screen for and investigate new accounts activated through free and ISP-based email providers (gmail, yahoo, verizon, etc.). Additionally, we ask that users adhere to an enhanced set of standards when creating an account password.
Finally, after a user has been cleared to establish an account, the only way to authenticate and access the Qaravan application is through our enterprise class firewall over our encrypted network. Qaravan’s Comodo SSL “Extended Validation” certificate provides a 2048-bit protocol (the highest assurance level available), 99.9% browser recognition, and a $1,750,000 relying party warranty.
For our downloadable applications, like the Qaravan Excel Add-In, we digitally stamp our code with a Comodo Code Signing Certificate to verify that it is an authenticate, unaltered product provided directly from us.
By taking rigorous steps like these, we can maintain a high level of security, without compromising your user experience.