Security & Compliance
Payference follows industry best practices for information security, covering data-at-rest encryption (DARE), data in motion (DIM), infrastructure security, and email security using DKIM/DMARC. We apply extensive process controls to ensure no social engineering attacks are feasible on our infrastructure.
Safeguarding Your Organization
Infrastructure Security
- All Payference systems and databases are located in Amazon Web Services (AWS) data centers within the US which are accredited under ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (previously SAS 70 Type II), PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX).
- Payference uses 256-bit encryption to keep everything secure -- that’s the same level of encryption used by financial institutions.
- Our servers are inside a private network (VPC) and not directly accessible from outside.
- Our systems and infrastructure are configured in accordance with security and compliance best practices from AWS. All employees attend monthly information security training, and we own our IP.
Data at Rest
- Payference stores all data in an encrypted database in the AWS cloud. The database is encrypted with a best-in-class encryption algorithm, AES-256. We use Amazon Key Management Service for managing encryption keys.
- User passwords are one-way hashed and stored in the encrypted database described above.
Data in Motion
- All communication is end-to-end encrypted with HTTPS/TLS.
- All login attempts, successful and unsuccessful, are logged.
Business Continuity and Disaster Recovery
- All data is backed up regularly and can be restored on demand. Contact us for RTO and RPO targets.
For additional details, or to request a copy of our SOC 2 Type 2 audit, please view our detailed security information here.