How Sycamore
Protects You

Security measures we use across platforms (apps, web etc) to ensure Sycamore is safe for you.

Strong Password Requirement

Every user must create a unique, strong password that includes a combination of letters, and numbers, and meets a minimum character length to secure their account.

6-Digit PIN Security

Users must set a unique, strong 6-digit PIN without repetitive or consecutive numbers to enhance account security.

Device Authentication

Each user profile is tied to a specific device. Any attempt to sign in on a new device is validated with a one-time password (OTP) sent to the registered phone number.

Identity Verification

Users must validate their Bank Verification Number (BVN), National Identity Number (NIN), and a valid government-issued ID (driver’s licence, voter’s card, national ID card, or NIN slip) before they can carry out transactions. This prevents identity fraud by confirming the authenticity of all users.

Biometric Security

The Sycamore mobile app supports biometric authentication (fingerprint and Face ID) for an extra layer of security during sign-in, if the user's device supports these features.

Real-Time Transaction Alerts

Users receive real-time alerts via app notifications and emails for all transactions, keeping them informed and up-to-date.

3D Secure Card Payments

We store all card details with a 3D Secure (3DS) Card Payments partner, Paystack. This adds an extra layer of security for online card payments, ensuring users receive a code from their bank by SMS and/or email to authorise each payment.

Encryption of Personal Information

 All personal and account details are secured with the highest level of encryption. Sycamore does not share user information with unauthorised third parties and never sells user data.

Single Session Authentication

We enforce single session authentication, preventing a single account from being logged into on multiple devices simultaneously.

Rate Limiting

Rate limiting on our endpoints helps prevent abuse and ensures fair usage of our services.

Tier System for Transactions

We use a tiered system for transactions to manage and secure different levels of user activity.

Two-Factor Authentication (2FA)

2FA is required for an added layer of security, ensuring that even if a password is compromised, an additional verification step is needed.

DDOS Protection

We use services like Cloudflare to prevent Distributed Denial of Service (DDOS) attacks, ensuring the security and availability of our platform.

Frequently asked questions