Stay focused on your business | Cashless-Billing

Security

The Safest Way to Pay

The security of your personal information and data is critical to everything that we do here at Privacy. Here are some relevant details about the safeguards we have built into our technology stack.


Overview

Our team includes people from some of the top payments and security companies (Get Virtual Card In UK), and we’re bringing that expertise to Privacy.Privacy is PCI-DSS compliant. We are held to the same rigorous security standards as your bank.

Data At Rest / Infrastructure

Passwords are hashed using PBKDF2 with 100k iterations and salted to make rainbow table attacks more difficult. Sensitive information is encrypted using split-key encryption with partial keys held by separate employees. Customer data is stored on single-tenant hardware in private networks in at least three separate geographic locations and is inaccessible from the outside world.

Data In Transit

Data is never sent in plaintext. All web traffic is sent over Transport Layer Security (TLS) HSTS for privacy and security. Inter-data center communication protected via Internet Protocol Security (IPsec) with AES-256.

Policies

Aggressive biannual encryption key rotation schedule. Servers are firewalled and regularly updated with the latest security patches. We follow best practices and all code is peer-reviewed before deployment. For access controls, we follow the principles of least privilege.