Skip to main content
Security

Your money. Your circle's business.
Safe at every layer.

Community finance only works if the infrastructure around it is honest. Here's exactly what we do at every layer, identity, data, transactions, payment, to make sure it stays that way.

Powered by Veriff

Every member,
identity-verified.

The strongest ROSCA has always been one where everyone knows everyone. Njangy keeps that, at global scale, by verifying the identity of every member before they can join a house, contribute to a sponsorship, or receive a payout.

We use Veriff, the same identity platform trusted by regulated banks, brokerages, and governments worldwide. No shortcuts, no self-declared identity, no synthetic profiles.

  • Government ID scan with document authenticity checks
  • Selfie + liveness verification, no photo spoofing
  • Real-time sanctions and PEP screening
  • Cross-check against the name on your linked payment method
  • Audit trail of the verification, retained per regulation
Verified
01Document scan
02Selfie + liveness
03Sanctions screening
04Payment match
Encryption

Bank-grade encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256). Your balances, contributions, and messages are unreadable to anyone but you.

KYC verification

KYC identity verification

Every member is identity-verified before joining a house or sponsoring support, the same standards you'd expect from any regulated financial platform.

Audited transactions

Every transaction, audited

Every credit and debit flows through a tamper-evident transactions ledger with per-action triggers. No off-ledger balance changes, ever.

Row-level isolation

Row-level data isolation

Postgres row-level security ensures members of one house can never see another's data, even if they share a server. Your circle's business stays your circle's.

Trusted payment rails

Trusted payment rails

Money moves through the world's most trusted payment networks, PayPal, MTN Mobile Money, Orange Money, Visa, Mastercard, Apple Pay, never through Njangy directly.

SOC 2-ready

SOC 2-ready practices

Access controls, audit logging, incident response, vendor reviews, and backups, all running to SOC 2 Type II standards. Independent certification in progress.

Responsible disclosure

Found a vulnerability? Tell us first.

We operate a coordinated disclosure program. Report anything you find and we'll acknowledge it within 48 hours, keep you updated as we investigate, and credit you publicly if you'd like. Acting in good faith under our disclosure terms, we won't pursue legal action.

security@njangy.com

48-hour acknowledgment · PGP key on request · bug-bounty program terms available on request

Available tools

This page supports WebMCP. Tools become available when an agent connects.