TurnKey Lender Information Security

TurnKey Lender is committed to protecting our clients and their data. The company’s information security policy exceeds regulatory requirements for data security going above industry standards and best practices. TurnKey Lender has SOC2 Type I and SOC2 Type II compliance reports and the globally-recognized ISO 27001 Certification.

The cybersecurity of your information and business is paramount to TurnKey Lender. We regularly have our solutions audited and tested, internally, and by outside specialists. This page provides a high-level overview of the security measures we take to keep your digital lending operation safe.

See TurnKey Lender in action and talk about your business’ information and cybersecurity with a digital lending expert.

TurnKey Lender Information Security Policy

Below you can find and download TurnKey Lender’s Information Security Policy. We use it to ensure the protection of information from unauthorized access, loss, or damage while supporting open information-sharing and storing the needs of our clients. The TurnKey Lender ISP includes:


Information Security Objectives


Overview of Information Security at TurnKey Lender


Hardware and Software Environment Security Policy


Human Resources Security Policy


Information Security Incident Management


Information Security Certificates

TurnKey Lender Security Features

  1. Flexible user permissions management allows you to grant users access rights only to the workplaces and data they need in their day-to-day work.
  2. API Clients functionality allows integrating with third-party products and services using unique secret keys for each case.
  3. Adjustable password strength based on your requirements and the local regulations.
  4. Two-factor authentication for borrowers and staff.
  5. The web application is protected against XSS, scripts, SQL injections, and other common cyberattack types.
  6. Sensitive information is only sent to the servers via the HTTPS protocol as per the best practices accepted on the web.
  7. Sensitive information is processed on the server-side only.
  8. All passwords are encrypted and then stored in the database as “Salted Hash” (cryptographic security measure).
  9. The System supports temporary user lockout. It takes place after multiple failed authentication attempts.
  10. TurnKey Lender security is enhanced with anti-DDoS throttling protection.
  11. A wide array of fraud-prevention rules built-in.


Learn more about streamlining your operations cybersecurity in our white paper.

Certified and Compliant

Speak to TurnKey Lender’s team about your operations information and cybersecurity today.