Security & Trust
Built for the data brokers and carriers share with us.
CarrierTrust handles operational, compliance and identity data. Here's how we protect it - and how we make sure the platform never claims more than it can prove.
Carrier data consent
Carriers explicitly opt in to share telematics, ELD, TMS and insurance data. Consent is recorded, scoped and revocable.
Role-based access
Granular roles for brokers, managers, compliance and admins. Just-in-time elevation for sensitive actions.
Audit logs
Immutable, exportable log of every vetting decision, policy change, role change and integration event.
Score transparency
Every Trust Score shows the underlying signals, sources and freshness - no black box scoring.
Data freshness indicators
Each data point displays when it was last refreshed, so brokers know how fresh the signal really is.
API key management
Per-key scopes, rotation, rate limits and usage analytics. Revoke or rotate in one click.
Secure backend functions
Service logic runs in secure server functions with least-privilege credentials and tenant isolation.
Encryption everywhere
TLS 1.2+ in transit and AES-256 at rest. Secrets are managed and rotated via a dedicated key manager.
Broker-configurable policy controls
Brokers own their policies and thresholds. CarrierTrust runs your policy - it doesn't impose one.
Tenant isolation
Per-tenant logical isolation with row-level access controls and per-tenant audit visibility.
What we don't claim
We don't certify carriers as safe.
CarrierTrust is a trust-assessment platform. It documents what data was evaluated, what your broker policy returned, and when. We will never use carrier-safety certification language, and we will never tell you a carrier is safe - only what the connected data shows and what your policy concluded.
Need our security packet?
We share architecture diagrams, data handling details and audit posture with qualified prospects.