Trust Score Regulatory Framework
GamaVault's Trust Score is a comprehensive, regulatory-aligned assessment system that evaluates businesses across 10 critical verification points.
Our framework aligns with PCI-DSS, GDPR, AML/KYC standards, and international consumer protection mandates.
What This Means
Businesses in this tier have passed the most rigorous verification standards and are certified safe for both Personal Information (PI) and Financial Transactions (FT).
Regulatory Compliance
- Meets highest standards for security controls, identity assurance, and data protection
- Full compliance with PCI-DSS (Payment Card Industry Data Security Standard)
- GDPR-compliant data handling and privacy practices
- No outstanding verification gaps or compliance risks
Suitable For
✓ Financial Transactions
✓ Personal Data Processing
✓ Healthcare Records & HIPAA-regulated data
✓ Legal Documents & Contracts
✓ Payment Processing & E-commerce
What Gets Verified
- Complete security infrastructure assessment
- Physical address verification matching registration documents
- Business registration and legal entity confirmation
- Domain-based email with SPF/DKIM authentication
- Verified business phone with location matching
- SSL/TLS encryption and secure transmission protocols
What This Means
Strong security posture with complete identity verification. Suitable for most business operations with minor improvements needed.
Regulatory Compliance
- Strong compliance with major regulatory frameworks
- Comparable to "low-risk entity" classification in AML/KYC systems
- Minor non-critical improvements may exist but don't affect trust materially
Suitable For
✓ Most Financial Transactions
✓ User Onboarding & Account Creation
✓ Data Sharing & Integration
✓ E-commerce & Online Sales
✓ SaaS Platforms & Cloud Services
What This Means
Good security and identity controls with non-critical gaps. Appropriate for basic business interactions but not recommended for sensitive data.
Regulatory Compliance
- Meets baseline compliance requirements
- Aligns with risk-tiering used in AML/KYC frameworks
- Requires improvements for high-value transactions
Suitable For
✓ Basic Information Handling
✓ General Business Interactions
✓ Non-Financial Services
⚠️ Not recommended for sensitive data or high-value transactions
What This Means
Baseline security and partial identity verification only. Proceed with caution for any data sharing.
Regulatory Compliance
- Mirrors "limited assurance" language used by auditors and regulators
- Not approved for personal data or financial transactions
- Requires additional verification to meet compliance thresholds
Suitable For
⚠️ Non-Sensitive Interactions Only
⚠️ Public Information Access
✗ Not approved for financial transactions
✗ Not approved for personal data handling
What This Means
Insufficient security controls and incomplete identity verification. High risk of fraud or operational issues.
Regulatory Status
- Does not meet minimum compliance standards
- Identity incomplete, inconsistent, or unverifiable
- High likelihood of fraud, impersonation, or operational risk
- Aligned with consumer-protection warning standards
NOT Recommended For
🚫 Any Personal Information
🚫 Financial Transactions
🚫 Data Processing
🚫 Regulated Activities
🚫 Any Sensitive Interactions
