Trust & security
PlainSpan runs a dealership's money, customer records, and card payments. We built it to keep all of that protected — isolated per dealership, access controlled, audited, and correct on every transaction.
Each dealership's data is separated at the database layer — not just in app code.
Role-based access, two-factor sign-in, and a full audit trail on sensitive actions.
Balanced books, with locks that stop the same transaction from posting twice.
Every dealership's data is walled off at the database itself with Postgres row-level security — not only in application code. Each query is scoped to a single dealership, so one customer's records can never surface in another's.
Access follows fine-grained, role-based permissions that each dealership tailors to its own team — so people see exactly what their job needs, and nothing else.
Accounts are protected with authenticator-app two-factor and backup codes. Enforcement is configurable per dealership.
Security-sensitive and business-critical actions are recorded with the actor, the action, the affected record, the time, and the IP address — so sensitive actions leave a record you can review.
We never store full card numbers or CVV. PlainSpan keeps only secure processor tokens, the last four digits, and the card brand — so sensitive card data never lives in your dealership's system.
Every journal entry has to balance before it posts, and money-moving actions like receiving a delivery or taking a payment take database-level locks — so two people can't post the same one twice. Financial correctness is enforced by the system, not left to discipline.
Traffic is served over TLS, payment and integration credentials are encrypted, and your data lives on encrypted, managed AWS infrastructure.
PlainSpan runs on managed AWS (Amazon RDS) with automated backups, so your dealership's data is protected and recoverable.
Get in touch
Partners and prospects evaluating PlainSpan — and anyone reporting a potential vulnerability — can reach us directly.