Carlink
All features
// 06 / FEATURE

Account Security

Enterprise-grade, broker-friendly.

Your operations handle PII and money. We protect them like a bank does — without making your team's life miserable.

// THE PROBLEM

Brokerages handle some of the most sensitive data in logistics — customer addresses, vehicle VINs, payment info, agent commissions, carrier insurance details. But most run on tools with weak auth, no audit trail, and no way to scope what each agent can see. One compromised password = the whole brokerage exposed.

// HOW CARLINK SOLVES IT

Carlink enforces two-factor authentication on every login, captures every action in a detailed audit log, and gives you role-based permissions per agent. Multi-company workspaces stay walled off from each other. SOC 2 Type II compliance is in progress. SSO via SAML is available on First Class for enterprises with existing identity providers.

// KEY BENEFITS

What you actually get.

Two-factor authentication, every login

SMS code or authenticator app (Google Authenticator, Authy, 1Password). Required for every user — no exceptions, no opt-out. A leaked password alone never gets anyone into your account.

Detailed audit logs

Every action — login, edit, delete, dispatch, payment — captured with user ID, timestamp, and IP address. Filter by user, action, date, or IP. Export for compliance review or incident investigation.

Role-based permissions

Agent, Dispatcher, Manager, Admin, Owner. Each role sees only what they should — agents see their loads, managers see their team's, owners see everything. Customizable down to the field level on First Class.

Multi-company isolation + SSO

If you run two or more brokerages on Carlink, each one's data is walled off — an agent on Brokerage A can't query anything from Brokerage B. SSO via SAML is available on First Class for enterprises that need it.

// WHAT'S INSIDE

Everything Account Security ships with.

Concrete capabilities you can verify with your own data on day one.

  • 2FA methods: SMS + Authenticator app (Google, Authy, 1Password, etc.)
  • Audit log captures user, action, timestamp, IP — exportable to CSV
  • Roles: Agent / Dispatcher / Manager / Admin / Owner
  • Multi-company data isolation (no cross-company queries possible)
  • SOC 2 Type II compliance: in progress
  • SSO via SAML available on First Class plan
  • Encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Per-field permission controls (First Class)
// HOW IT WORKS

Three steps. That's it.

1

Enable 2FA on first login

Carlink walks every new user through 2FA setup before they can access any data. SMS or authenticator — user picks at setup. No exceptions, no admin-bypass.

2

Set role permissions

Per user, per company. Owner assigns roles when adding agents. Customizable — you decide who sees commissions, who sees customer payment info, who can delete records.

3

Review audit log when needed

Compliance review, suspected mishandling, or routine spot-check — filter the audit log by user, action, date, or IP. Export to CSV for your records.

// A REAL EXAMPLE

How a typical day looks.

An agent leaves the company on a Friday. The owner opens Carlink, revokes the user's access, and pulls the audit log for the past 30 days filtered to that user — 1,847 actions captured: every record they viewed, edited, or exported. No mystery, no scramble. Monday morning the owner adds a replacement, walks them through 2FA setup in 90 seconds, and they're working with the right permissions before lunch.

// Pulled from the brokerages running on Carlink today

// OTHER FEATURES

See the rest of the platform.

Lead Management

Capture, track, and convert — every lead, every source.

Learn more

Dispatch

Carrier matching, BOL, status — without the spreadsheet.

Learn more

Pricing Automation

Quote in seconds. Win more deals.

Learn more

Invoicing

Bill clients. Pay carriers. Sync books.

Learn more

See Account Security with your own data.

30-minute demo. Walked through by an operator.