Our Security Standards

Our Secure Payment Gateway Is Stripe

Stripe, Inc. is an Irish-American multi-national financial services and software as a service company dual-headquartered in South San Francisco, California, United States and Dublin, Ireland. Stripe is the secure online payment gateway we choose.

Your Payment Is Made Directly To Stripe

When you purchase from our website, the credit card details you provide are transmitted directly to Stripe. We do not receive or store any of this information on our web servers. This is the process by which Stripe (and other payment gateways) works, as stated in its Standards & Regulations Compliance.

Stripe’s Commitment to You – and To Us

This text is taken directly from Stripe’s Standards & Regulations Compliance.

START EXCERPT

Stripe uses best-in-class security practices to maintain a high level of security.

PCI-certified

Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. This audit includes both Stripe’s Card Data Vault (CDV) and the secure software development of our integration code.

We provide our users with features to automate some aspects of PCI compliance. We analyze the user’s integration method and dynamically inform them of which PCI validation form to use. If a user uses Stripe Elements, Checkout, Terminal SDKs, or our mobile libraries, we pre-fill the user’s PCI validation form (Self-Assessment Questionnaire A) in their Dashboard. And to educate users on the subject of compliance, we have a PCI Compliance Guide that describes how to maintain compliance and how Stripe can help.

System and Organization Controls (SOC) reports

Stripe’s systems, processes, and controls are regularly audited as part of our SOC 1 and SOC 2 compliance programs. SOC 1 and SOC 2 Type II reports are produced annually and can be provided upon request.

EMVCo standard for card terminals

Stripe Terminal is certified to the EMVCo Level 1 and 2 standards of EMV® Specifications for card and terminal security and interoperability. Terminal is also certified to the PCI Payment Application Data Security Standard (PA-DSS)—the global security standard that aims to prevent payment applications developed for third parties from storing prohibited secure data.

NIST Cybersecurity Framework

Stripe’s suite of information security policies and their overarching design are aligned with the NIST Cybersecurity Framework. Our security practices meet the standards of our enterprise customers who must provide secure products like on-demand cloud computing and storage platforms (for example, DigitalOcean and Slack).

Privacy and data protection

We continuously implement evolving privacy and data protection processes, procedures, and best practices under all applicable privacy and data protection regimes. For more information, see the following resources:

END EXCERPT

Credit Cards We Accept

We accept payment by credit or debit card (Mastercard, Visa and American Express) which is processed diretly with Stripe. We do not accept cheques of any form.

Payment Alternatives We Offer

We provide access to ApplePay and GooglePay if you’d prefer not to use a credit card. With this method,  your details have already been provided to those entities, so you can purchase with just one click.

Please let us know if you would like us to offer more payment alternatives.

[]
×
Like an EXTRA 5% OFF?

Claim your discount now

No thanks. I'm happy to pay the offered price. *You can unsubscribe at any time.