SAFETY

Security at Mismatched

Built for Trust. Designed for Safety. Engineered to Protect.

At Mismatched, security is not a feature it is a foundation.
Every interaction, match, message, and piece of data is protected by systems designed to prevent misuse, abuse, breaches, and manipulation.

You trust us with your identity, preferences, and conversations. We take that responsibility seriously.

Our Security Promise

Mismatched is committed to providing a secure, private, and abuse-resistant platform where genuine human connections can grow without compromising user safety, data privacy, or trust.

We operate on three non-negotiable principles:

1. Prevention before reaction
2. Zero tolerance for misuse
3. Accountability at every layer

1. Platform & Data Security

End-to-End Protection of User Data

• All sensitive user data is encrypted in transit and at rest
• Messages, images, and personal data are protected using industry-standard cryptographic protocols
• Access to production systems is strictly limited and logged at all times

Mismatched does not sell, trade, or misuse user data ever.

Strict Access Control & Zero-Trust Architecture

• Internal access follows a least-privilege model
• Multi-factor authentication (MFA) is mandatory for all internal systems
• Employee access is role-based, time-limited, and continuously audited

Unauthorized access attempts are automatically flagged and investigated.

2. Secure Development & Infrastructure

Security-First Product Design

Security is embedded into every stage of development:

• Secure coding standards
• Mandatory security reviews before releases
• Continuous vulnerability scanning

No feature goes live without passing internal security checks.

Independent Testing & Penetration Audits

• Regular third-party penetration testing
• Infrastructure and application-level security audits
• Continuous monitoring for new and emerging threats

Weaknesses are addressed immediately not deferred.

3. Abuse Prevention & Platform Integrity

Identity & Account Protection

• One person, one account policy
• Automated systems to detect fake profiles, bots, impersonation, and mass account creation
• Suspicious behavior triggers real-time review and restriction

Accounts engaging in fraud, harassment, or manipulation are permanently removed.

Proactive Threat Detection

Our systems actively monitor for:

• Scams and financial fraud
• Harassment and coercive behavior
• Sextortion, impersonation, and blackmail attempts
• Malicious links and phishing patterns

We do not wait for harm to occur—we act early.

4. Monitoring, Logging & Incident Response

24/7 Security Monitoring

• All access, actions, and system changes are logged
• Continuous threat detection and anomaly tracking
• Dedicated incident response workflows

Potential security incidents are investigated, contained, and resolved with urgency.

Incident Transparency & Accountability

In the event of a verified security incident:

• Impact is assessed immediately
• Affected users are notified where required
• Corrective actions are taken to prevent recurrence

Security failures are treated as critical events not inconveniences.

5. Governance, Risk & Compliance 

Mismatched aligns with:

• India’s Information Technology Act, 2000
• IT Rules on data protection and intermediary responsibility
• Industry-recognized global security standards and best practices

All employees undergo mandatory security and privacy training from day one and annually thereafter.

Third-party vendors are vetted for security, privacy, and compliance before integration.

6. Red Team & Continuous Testing

Offensive Security Program

Our internal and partner security teams actively:

• Simulate real-world attacks
• Test systems for unknown vulnerabilities
• Stress-test workflows, APIs, and access controls

Security is continuously challenged so it can continuously improve.

7. Responsible Disclosure & Bug Reporting

We welcome responsible disclosure from the global security community.

If you identify a potential vulnerability:

• Report it responsibly through our official security channel
• Do not publicly disclose until reviewed and resolved

We commit to:

• Timely investigation
• Responsible remediation
• Protecting users throughout the process

Security researchers help make Mismatched stronger and we respect that.

8. Zero Tolerance Policy

Mismatched enforces strict consequences for:

• Scams or financial exploitation
• Harassment, threats, or coercion
• Impersonation or identity fraud
• Attempts to bypass safeguards
• Abuse of reporting or moderation systems

Accounts may be restricted, suspended, or permanently banned without refund based on severity.

Final Commitment

Security at Mismatched is not static.
It evolves, adapts, and improves because threats evolve too.

Our responsibility doesn’t end at technology.
It extends to people, behavior, and trust.

Safe connections aren’t optional. They’re essential.