Security
Security is one of the biggest considerations in everything we do. If you have any questions, or encounter any issues, please contact us
SSL
Secure Sockets Layer, or SSL, is a technology that secures the connection between your browser and the website you’re visiting. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green, closed padlock icon. This allows visitors to navigate the website and submit information through a secure connection.
SSL provides three important security benefits:
- Privacy: Encrypts the connection between the browser and web server and securely transmits information (like login credentials) to prevent unauthorized parties from eavesdropping.
- Data integrity: Prevents unauthorized parties from altering data during transmission (like during a Form Block submission).
- Authentication: Protects against impersonation by requiring web server proof of identity.
PCI
Our merchant provider has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
Encryption
All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of our internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Our infrastructure for storing, decrypting, and transmitting card numbers runs
Disclosure
We rapidly investigate all reported security issues. If you believe you've discovered a bug in our security, please get in touch via our contact page. We will respond as quickly as possible to your report.