Skip to Main Content

Security at Credible

Credible holds SOC 2 Type 2 attestation for the following Trust Services Criteria:

Security, Availability, and Confidentiality.

SOC 2 Type 2 attestation

Industry standard security means your information is protected

We take the security of your information very seriously. That’s why we employ industry standard practices to ensure that the information you provide on Credible is safe at all times.
  • Credible holds SOC 2 Type 2 attestation for the following Trust Services Criteria: Security, Availability, and Confidentiality. This means Credible’s implemented practices for these criteria have been audited and attested by external auditors.
  • In addition to undertaking frequent scans of our products, we engage respected security firms to perform a regular cadence of penetration tests covering our networks, infrastructure, and application. These tests probe for vulnerabilities in our environment and ensure we're always ahead of the game in keeping our security top-class.

What measures does Credible take to protect my information?

Your information is not accessible by anyone except those parties that you agree to share your information with (for example, lenders but only when you instruct us to share that information). Our security measures are explained in plain English below.

Encryption

Use of industry standard cryptography algorithms

Data is encrypted at rest, and encrypted in transit using transport layer security (TLS) between your browser and our systems, as well as internally within our technical infrastructure.

HTTPS Secure

Transmission between your web browser and our web server is protected using industry standard transport layer security technology

Credible only uses HTTPS for transmitting requests. Web apps that use HTTPS for authentication protect your password. If they use regular HTTP after you log in, they’re not protecting your privacy or your temporary identity.

TLS allows sensitive information such as social security numbers and login credentials to be transmitted securely. This encrypts your information and makes it unreadable to anyone except Credible. You can verify this by checking for the key or lock icon on your browser.

Process Time

Timeout features to log you out if there has been no activity within a specified period of time

If you’re not logged in to your account, you don’t want someone else to be either. We automatically log your session out after a period of inactivity – but don’t worry, we auto-save your progress if you’re completing a form.

What steps can you take to ensure your security?

  • Create a unique password. Protect that password and don’t share it with anyone.
  • Always log off after using Credible.com.
  • Notify us if your information appears incorrect or if you notice anything suspicious. Simply email us at [email protected].
  • Watch out for fraudulent/phishing emails from people pretending to be Credible representatives, including messages you receive on social networking sites that include a direct message component such as LinkedIn or Facebook. Credible will never send you an email, text message, or social media direct message asking for your Credible login credentials or other personal information. Notify [email protected] if you receive a suspicious communication.
  • Report a potential vulnerability of our platform to our security team by emailing at [email protected]. Refer to our Responsible Disclosure Policy for more details.
  • Become familiar with the Federal Trade Commission’s website which has some great tips about 'how to keep your personal information secure'.

Contact Us

Have questions? We’re here to help.

[email protected]

Chat Now

866-540-6005

Monday - Thursday 

9am - 9pm ET

Friday 

9am - 7pm ET

Sat 

10am - 6pm ET

Sun 

Closed