Comparison Overview

Fair Finance

VS

Block

Fair Finance

18 Ashwin Street London, England E8 2, GB
Last Update: 2025-03-15 (UTC)
View Profile
Between 750 and 799
http://www.fairfinance.org.uk

Fair Finance is a social business revolutionising financial services to give everyone a fair chance. We offer a range of financial products and services designed to meet the needs of people who are financially excluded. We aim to revolutionize personal finance, starting with the people whom the mainstream providers have left behind. We are committed to providing high quality products and services that are affordable and accessible. Wherever possible we work in partnership with other companies and agencies that share our goals. Most of our customers are ignored by the mainstream financial services industry and exploited by the sub-prime financial services industry. When we have helped to put the loan sharks and predatory lenders out of business, then we will know we have been successful.

NAICS: 52
NAICS Definition:
Employees: 11-50
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Block

None, None, Oakland, California, US, None
Last Update: 2025-09-10 (UTC)
Between 750 and 799
https://block.xyz/

Block is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams — People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more — provide support and guidance at the corporate level. They work across business groups and around the globe, spanning time zones and disciplines to develop inclusive People policies, forecast finances, give legal counsel, safeguard systems, nurture new initiatives, and more. Every challenge creates possibilities, and we need different perspectives to see them all. Bring yours to Block.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 12,798
Subsidiaries: 0
12-month incidents
1
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/fair-finance.jpeg
Fair Finance
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/joinblock.jpeg
Block
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Fair Finance
100%
Compliance Rate
0/4 Standards Verified
Block
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Fair Finance in 2025.

Incidents vs Financial Services Industry Average (This Year)

Block has 33.33% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Fair Finance (X = Date, Y = Severity)

Fair Finance cyber incidents detection timeline including parent company and subsidiaries

Incident History — Block (X = Date, Y = Severity)

Block cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/fair-finance.jpeg
Fair Finance
Incidents

No Incident

https://images.rankiteo.com/companyimages/joinblock.jpeg
Block
Incidents

Date Detected: 9/2025
Type:Breach
Attack Vector: Insider Threat (former employee)
Motivation: Financial Gain (alleged by shareholders), Unauthorized Data Access
Blog: Blog

Date Detected: 12/2021
Type:Breach
Attack Vector: Unauthorized Access
Motivation: Unknown
Blog: Blog

FAQ

Both Fair Finance company and Block company demonstrate a comparable AI Cybersecurity Score, with strong governance and monitoring frameworks in place.

Block company has historically faced a number of disclosed cyber incidents, whereas Fair Finance company has not reported any.

In the current year, Block company has reported more cyber incidents than Fair Finance company.

Neither Block company nor Fair Finance company has reported experiencing a ransomware attack publicly.

Block company has disclosed at least one data breach, while Fair Finance company has not reported such incidents publicly.

Neither Block company nor Fair Finance company has reported experiencing targeted cyberattacks publicly.

Neither Fair Finance company nor Block company has reported experiencing or disclosing vulnerabilities publicly.

Neither Fair Finance nor Block holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Fair Finance company nor Block company has publicly disclosed detailed information about the number of their subsidiaries.

Block company employs more people globally than Fair Finance company, reflecting its scale as a Financial Services.

Neither Fair Finance nor Block holds SOC 2 Type 1 certification.

Neither Fair Finance nor Block holds SOC 2 Type 2 certification.

Neither Fair Finance nor Block holds ISO 27001 certification.

Neither Fair Finance nor Block holds PCI DSS certification.

Neither Fair Finance nor Block holds HIPAA certification.

Neither Fair Finance nor Block holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 6.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
References
Description

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 4.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 4.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
cvss4
Base: 8.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References