Platform Safety Basics
PayBru takes the safety of creators and members seriously. This page outlines the measures in place to protect your account, payments, and personal data.
Two-Factor Authentication (2FA)
PayBru supports TOTP-based two-factor authentication to add an extra layer of security to your account.
- How it works: Enable 2FA from your account security settings. You will be shown a QR code to scan with an authenticator app (such as Google Authenticator or Authy).
- Recovery codes: When you enable 2FA, PayBru generates a set of recovery codes. Store these in a safe place - they allow you to regain access if you lose your authenticator device.
- Enable or disable: You can turn 2FA on or off at any time from your security settings.
We strongly recommend enabling 2FA, especially for creator accounts that handle payouts. It significantly reduces the risk of unauthorised access.
Password Security
PayBru checks your password against the Have I Been Pwned (HIBP) database when you set or change it. If your chosen password has appeared in a known data breach, you will be asked to choose a different one.
This helps ensure that your account is not protected by a password that is already compromised elsewhere.
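The page does not say how the HIBP lookup is performed. The added example below (not PayBru's code) assumes the Pwned Passwords range API, where only the first five characters of the password's SHA-1 hash are sent and the match is done locally against the returned suffixes. The response body is constructed sample data so the check runs offline.

```python
import hashlib
import hmac


def split_hash(password: str):
    """Upper-case SHA-1 hex of the password, split into 5-char prefix and 35-char suffix."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def breach_count(password: str, range_body: str) -> int:
    """Scan a range response ("SUFFIX:COUNT" per line) for this password's suffix.

    Only the prefix ever leaves the server; the suffix is compared locally.
    Padded responses contain extra entries with count 0, which must be
    treated as "not breached", so the count is returned rather than a
    simple "suffix present" flag.
    """
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if len(candidate) != 35 or not count.isdigit():
            continue  # ignore malformed lines instead of failing open
        if hmac.compare_digest(candidate.upper().encode(), suffix.encode()):
            return int(count)
    return 0


def is_acceptable(password: str, range_body: str) -> bool:
    return breach_count(password, range_body) == 0


def constructed_range_body(breached_password: str) -> str:
    """Constructed sample response; suffixes and counts are made up for the demo."""
    _, suffix = split_hash(breached_password)
    return "\r\n".join([
        "0018A45C4D1DEF81644B54AB7F969B88D65:3",  # constructed filler entry
        f"{suffix}:9999",                          # constructed breach count
        "00D4F6E8FA6EECAD2A3AA415EEC418D38EC:0",  # padding-style entry
    ])


if __name__ == "__main__":
    body = constructed_range_body("password")
    print(split_hash("password")[0], breach_count("password", body))
    print(is_acceptable("a long constructed passphrase 42", body))
```

In a live deployment the body would come from `GET https://api.pwnedpasswords.com/range/<prefix>`, and the service has to decide whether a failed lookup blocks the password change or lets it through.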
Device Tracking
PayBru monitors the devices used to access your account to detect unauthorised access:
- Device fingerprinting: Each device you use is identified and recorded.
- IP and geolocation logging: Login locations are tracked to flag unusual access patterns.
- Trusted and untrusted devices: Devices you use regularly are marked as trusted. New or unrecognised devices are flagged as untrusted and may require additional verification.
- 24-hour trust grace period: When you verify a new device, it enters a 24-hour grace period before being fully trusted.
Review your recognised devices periodically in your account settings. If you see a device you do not recognise, revoke its access and change your password.
Session Management
You have full control over your active sessions:
- Active session list: View all currently active sessions, including device type and location.
- Revoke individual sessions: End a specific session if you no longer want that device to be logged in.
- Revoke all other sessions: Instantly log out of every session except the one you are currently using.
Payment Security
All payments on PayBru are processed through Paystack, a secure, PCI-compliant payment provider. This means:
- Card details are never stored on PayBru servers: Payment information is handled entirely by Paystack.
- Encrypted transactions: All payment data is transmitted using industry-standard TLS encryption.
- Fraud monitoring: Transactions are monitored for suspicious activity to protect both creators and members.
PayBru will never ask you for your full card number, CVV, or banking password via email or chat. If you receive such a request, it is not from PayBru.
Content Moderation
PayBru includes automated tools to maintain content quality across communities:
- Profanity detection: Content is automatically scanned for profanity, with configurable severity levels so each community can set appropriate thresholds.
- Spam detection: Automated checks identify and flag repetitive or suspicious content.
- Approval workflow: Flagged content goes through an approval or rejection process, giving community moderators control over published content.
KYC Verification
Creators who wish to receive payouts must complete Know Your Customer (KYC) verification. This is a regulatory requirement to confirm your identity before funds can be disbursed.
Required Documents
You may be asked to submit one or more of the following:
| Document type | Purpose |
|---|---|
| Identity document | Verify your identity (e.g., ID card, passport). |
| Proof of address | Confirm your residential address. |
| Business registration | Required for business accounts. |
| Bank statement | Verify your banking details for payouts. |
Verification Status
After submitting your documents, your KYC status will be one of:
- Pending: Documents are under review.
- Approved: Verification complete; payouts are enabled.
- Rejected: Documents did not meet requirements. You will be given a reason.
- Resubmission Required: Additional or corrected documents are needed.
KYC verification is only required for payout functionality. Members who are not receiving payouts do not need to complete KYC.
Data Handling
PayBru collects only the data necessary to operate the platform and provide services. Key principles:
- Minimal data collection: We collect what we need and nothing more.
- No selling of personal data: Your information is not sold to third parties.
- Access controls: Internal access to user data is restricted to authorised personnel for support and operational purposes.
- Secure storage: Files and documents are stored securely using Cloudflare R2 with private access controls.
- POPIA compliance: PayBru operates in accordance with the Protection of Personal Information Act (POPIA).
Platform Monitoring
PayBru actively monitors the platform for:
- Accounts engaging in fraudulent activity.
- Automated or bot-driven behaviour.
- Attempts to exploit the platform or its users.
Detected issues are addressed promptly, and affected users are notified when appropriate.