DRAFT — not yet lawyer-reviewed. This copy is provisional and intended for product preview only. For binding terms of use, refunds, privacy or security commitments, please contact support@trvo.in. Reviewed final versions will replace these pages before public-launch traffic.
Security & data
How we protect your account and your money.
Account security
- OTP-based login via mobile number — no shared passwords across devices
- Per-device session keys, revoke any device from settings
- Smartcard remote-block in 1 tap if lost
Payments
- All card transactions processed by Razorpay · PCI-DSS Level 1
- TRVO never stores card numbers, CVVs or PINs
- UPI mandates require explicit user approval per cycle
Encryption
- TLS 1.3 in transit, AES-256 at rest
- Per-row encryption for KYC fields
- Backups in two geographies, encrypted with rotated keys
Responsible disclosure
Found a vulnerability? Email security@trvo.in with details. We respond within 48 hours and pay out bounties for valid reports.