Skip to main content

Security Overview

Mod AI takes security seriously. Your accounts payable data is sensitive -- it includes vendor details, financial amounts, banking information, and internal approval workflows. Here is how we protect it.

Your Data Stays Yours

Your data is never used to improve the AI. It is never shared with other customers, third parties, or used for any purpose beyond processing your invoices. Each organization's data is completely isolated -- there is no way for one customer to access another's data.

The AI in Mod AI processes your invoices in real time and does not store your data afterward. Your invoices, vendor records, and financial information remain entirely within your organization's secure environment.

Data Encryption

All data in Mod AI is encrypted at every stage:

  • In transit -- All data moving between your browser and Mod AI is encrypted using industry-standard encryption (HTTPS). This includes every interaction, file upload, and email forward.
  • At rest -- All stored data is protected with enterprise-grade encryption. This includes invoices, extracted data, vendor records, and audit logs.

Complete Data Isolation

Every organization's data in Mod AI is completely separate. Your invoices, vendor records, and financial data are isolated so that no other customer can ever access them -- not accidentally, not intentionally. This isolation is enforced at every level of the platform.

User Permissions

Five roles control what each user can see and do within an entity:

RoleAccess Level
AdminFull access to all features and settings
ManagerManage users, rules, policies, vendors; can approve
ApproverReview and approve/reject assigned documents
ClerkUpload, review, and edit invoices; cannot approve
AuditorRead-only access to all data

Every action in the platform is checked against the user's role. Features are locked in the interface based on your permissions -- you will not see buttons or pages for actions you do not have access to.

For a detailed breakdown of each role, see User Roles.

Infrastructure

Mod AI is hosted on secure, enterprise-grade cloud infrastructure with:

  • Network-level isolation -- Your data is protected behind multiple layers of access controls.
  • Automatic encrypted backups -- Backups are taken automatically and encrypted.
  • Built-in disaster recovery -- Redundant systems ensure the platform stays available.
  • 24/7 monitoring -- The platform is continuously monitored for anomalies and threats.

Fraud Detection Capabilities

Mod AI includes multiple mechanisms to help you detect and prevent fraud:

  • Email sender verification -- When an invoice arrives via email, the system checks the sender. Suspicious or unrecognized senders are flagged with a notice so you can investigate before processing. See External Sender Notice.
  • Duplicate detection -- The AI automatically identifies potential duplicate invoices based on vendor, invoice number, amount, and date. Duplicates are flagged with a notice before they can be approved. See Duplicate Invoice Notice.
  • Banking change alerts -- Any changes to vendor banking information trigger immediate alerts. This helps catch business email compromise (BEC) and payment fraud attempts. See Banking Info Changed Notice.

Audit Trail

Every action in the platform is logged -- who did what, when, and to which document. The audit trail captures:

  • Invoice creation, edits, and status changes
  • Approval actions (approve, reject, delegate)
  • User management changes
  • Settings changes
  • Login events

The audit log is immutable and available for compliance review. Auditors with the Auditor role can view the complete trail for any document or user.

Learn More

We use cookies to understand how visitors use our site.