1. Our Security Commitment
At Rilstack, security is foundational — not an afterthought. We employ bank-grade security infrastructure to protect your personal data, financial information, and transactions. Our security practices are aligned with Central Bank of Nigeria (CBN) guidelines and international standards.
2. Data Encryption
- In Transit: All data transmitted between your device and our servers is protected with 256-bit SSL/TLS encryption
- At Rest: Sensitive data including NIN, BVN, and financial records are encrypted using AES-256 encryption
- Passwords: Stored using bcrypt with salt rounds — we never store plaintext passwords
- API Communications: All internal and third-party API calls use encrypted channels with certificate pinning
3. Identity Verification (KYC)
Rilstack requires Know Your Customer verification to protect you and the platform:
- NIN Verification: Mandatory for all accounts — validates your identity against the National Identity Management Commission (NIMC) database
- BVN Verification: Optional but recommended — provides additional identity confirmation through the Nigeria Inter-Bank Settlement System (NIBSS)
- Purpose: Prevents identity theft, money laundering, and account fraud
4. Fraud Detection and Prevention
We employ multiple layers of fraud prevention:
🔍 Transaction Monitoring
Real-time monitoring of all transactions for suspicious patterns, including unusual withdrawal amounts, rapid successive transactions, and activity from unfamiliar locations.
🛡️ Account Protection
Automatic account lockout after multiple failed login attempts. Session management with secure token rotation. Device fingerprinting to detect unauthorized access.
⚠️ Suspicious Activity Alerts
Instant email notifications for logins from new devices, password changes, large transactions, and withdrawal requests. You will always be informed of account activity.
🏦 Anti-Money Laundering (AML)
Compliance with CBN AML/CFT regulations. Suspicious transactions are flagged and reported to the Nigerian Financial Intelligence Unit (NFIU) as required by law.
5. Infrastructure Security
- Hosted on enterprise-grade cloud infrastructure with SOC 2 compliance
- DDoS protection and Web Application Firewall (WAF)
- Regular penetration testing by independent security firms
- Automated vulnerability scanning and patch management
- Role-based access controls (RBAC) for all internal systems
- Comprehensive audit logging of all administrative actions
6. Your Responsibilities
Security is a shared responsibility. We recommend:
- Use a strong, unique password (minimum 8 characters with mixed case, numbers, and symbols)
- Never share your login credentials, OTPs, or PINs with anyone
- Rilstack will never ask for your password via email, phone, or chat
- Enable screen lock on your devices
- Log out after using Rilstack on shared or public devices
- Keep your email address and phone number up to date for security alerts
- Report any suspicious activity immediately
7. Fraud Liability
If unauthorized transactions occur on your account due to a security breach on our end, Rilstack will investigate and reimburse verified fraudulent transactions. Our $0 fraud liability guarantee applies when:
- You report the unauthorized activity within 48 hours
- You did not willingly share your credentials
- The breach is confirmed through our investigation
Claims are reviewed on a case-by-case basis. We aim to resolve fraud disputes within 10 business days.
8. Reporting Fraud or Security Issues
If you suspect fraud or a security vulnerability, contact us immediately:
Emergency Fraud Line: rickinvestmentslimited@gmail.com (Subject: URGENT FRAUD)
Security Vulnerability Reporting: rickinvestmentslimited@gmail.com
General Support: rickinvestmentslimited@gmail.com
We respond to fraud reports within 4 hours during business days (Mon–Fri, 8AM–6PM WAT).
9. Regulatory Compliance
Rilstack operates in compliance with:
- Central Bank of Nigeria (CBN) guidelines on electronic banking
- Nigeria Data Protection Act (NDPA) 2023
- Money Laundering (Prevention and Prohibition) Act 2022
- Cybercrimes (Prohibition, Prevention, etc.) Act 2015
- Securities and Exchange Commission (SEC) regulations for investment services
10. Updates to This Policy
We continuously enhance our security practices. Changes to this document will be communicated via email and in-app notification. We encourage you to review this page periodically.