Security & Compliance

Enterprise-grade security with the certifications and controls required by the world's most security-conscious organizations.

Industry-leading certifications

Independently validated security and compliance controls.

PCI DSS Level 1

Highest level of PCI compliance, validated annually by a Qualified Security Assessor.

SOC 2 Type II

Independent audit of security, availability, and confidentiality controls.

ISO 27001

International standard for information security management systems.

GDPR Compliant

Full compliance with EU General Data Protection Regulation requirements.

Security by design

Multiple layers of protection for your payment data.

Encryption at Rest & In Transit

All data is encrypted using AES-256 encryption at rest and TLS 1.3 in transit.

Tokenization

Sensitive card data is tokenized immediately, never stored in raw form.

Key Management

Hardware Security Modules (HSMs) protect cryptographic keys.

Access Controls

Role-based access with multi-factor authentication required for all staff.

Network Security

Web Application Firewall, DDoS protection, and intrusion detection.

Vulnerability Management

Regular penetration testing and continuous vulnerability scanning.

Built for regulatory compliance

We provide the tools and controls you need to meet your compliance obligations, whether you're subject to PSD2, GDPR, or industry-specific regulations.

PSD2 / SCA

Built-in support for Strong Customer Authentication with 3D Secure 2.0.

Data Residency

Choose where your data is stored with regional processing options.

Audit Logging

Complete audit trails of all system activity for compliance reporting.

Data Retention

Configurable data retention policies to meet regulatory requirements.

SLA Guarantees

Platform Uptime
99.99%
API Response Time
< 200ms
Security Incident Response
< 1 hour
Data Recovery Point
< 5 min

Compliance documentation

Access the documentation you need for your security reviews.

Security Whitepaper

Detailed overview of our security architecture and controls.

PCI AOC

Attestation of Compliance for PCI DSS Level 1.

SOC 2 Report

Available under NDA for qualified prospects.

DPA Template

Data Processing Agreement for GDPR compliance.

Questions about security?

Our security team is available to discuss your specific requirements.