Security Capabilities
Overview
As part of our unwavering commitment to ensuring the highest standards of security for the transmission of payment card details, we have established a stringent security policy in collaboration with Stripe. This policy outlines the necessary measures and protocols to protect sensitive payment card information during transmission and storage, ensuring your security and peace of mind..
Security Capabilities
1. Encryption:
• All card details are encrypted using AES-256 encryption, a robust encryption standard ensuring that data remains secure and inaccessible to unauthorized parties.
• Data in transit is protected using TLS (Transport Layer Security), ensuring that card details are encrypted and securely transmitted over the network.
2. Tokenization:
• Stripe employs tokenization to replace sensitive card information with a unique identifier (token) that can be used to process payments without exposing the actual card details.
3. PCI DSS Compliance:
• Stripe is certified as a PCI DSS Level 1 Service Provider, the highest level of certification available. This means Stripe has undergone rigorous security assessments to confirm its adherence to PCI DSS requirements.
• All card details are encrypted using AES-256 encryption, a robust encryption standard ensuring that data remains secure and inaccessible to unauthorized parties.
• Data in transit is protected using TLS (Transport Layer Security), ensuring that card details are encrypted and securely transmitted over the network.
2. Tokenization:
• Stripe employs tokenization to replace sensitive card information with a unique identifier (token) that can be used to process payments without exposing the actual card details.
3. PCI DSS Compliance:
• Stripe is certified as a PCI DSS Level 1 Service Provider, the highest level of certification available. This means Stripe has undergone rigorous security assessments to confirm its adherence to PCI DSS requirements.
Policy
1. Access Control:
• Access to payment card details is restricted to authorized personnel only. Individuals with access rights are periodically reviewed to ensure compliance with our security policies.
• Multi-factor authentication (MFA) is required for all team members accessing payment card data.
2. Data Storage and Retention:
• Payment card details are not stored on our servers.Instead, they are securely stored by Stripe, which provides the necessary encryption and security measures for data storage.
• Only the necessary transaction information is retained, and sensitive card details are not stored beyond the time required for processing payments.
3. Regular Audits and Monitoring:
• Regular security audits are conducted to ensure compliance with our security policies and identify potential vulnerabilities.
• Continuous monitoring of payment transactions is implemented to detect and respond to any suspicious or unauthorized activities promptly.
4. Incident Response:
• A comprehensive incident response plan is in place to address any potential data breaches or security incidents involving payment card details.
• Any detected breach of payment card details will be reported to affected parties and regulatory authorities as required by law.
5. Employee Training:
• Employees handling payment card details receive ongoing training on data security practices, ensuring they are up-to-date with the latest security protocols and potential threats.
By adhering to these security capabilities and policies, we aim to provide our customers with the assurance that their payment card details are transmitted and stored securely through Stripe
• Access to payment card details is restricted to authorized personnel only. Individuals with access rights are periodically reviewed to ensure compliance with our security policies.
• Multi-factor authentication (MFA) is required for all team members accessing payment card data.
2. Data Storage and Retention:
• Payment card details are not stored on our servers.Instead, they are securely stored by Stripe, which provides the necessary encryption and security measures for data storage.
• Only the necessary transaction information is retained, and sensitive card details are not stored beyond the time required for processing payments.
3. Regular Audits and Monitoring:
• Regular security audits are conducted to ensure compliance with our security policies and identify potential vulnerabilities.
• Continuous monitoring of payment transactions is implemented to detect and respond to any suspicious or unauthorized activities promptly.
4. Incident Response:
• A comprehensive incident response plan is in place to address any potential data breaches or security incidents involving payment card details.
• Any detected breach of payment card details will be reported to affected parties and regulatory authorities as required by law.
5. Employee Training:
• Employees handling payment card details receive ongoing training on data security practices, ensuring they are up-to-date with the latest security protocols and potential threats.
By adhering to these security capabilities and policies, we aim to provide our customers with the assurance that their payment card details are transmitted and stored securely through Stripe