Product security
Before each one of our services are implemented, they go though rigorous secure coding guidelines, code analyzer tools, vulnerability scanners, and manual review processes. Security by design methodology, alongside a security development framework based on OWASP standards, give us the ability to mitigate threats.
Operational security
We run a robust logging and monitoring system to ensure clean and secure traffic through our servers. Our intrusion detection and prevention systems provide protection and prevent misuse of our internet infrastructure.
Availability
Our disaster recovery and business continuity programs help us provide you with consistently high availability. Our always-on payment solutions can be quickly and securely replicated worldwide, ensuring their availability even in the event of a disaster.
Data security
The privacy and security of your information are paramount to everything we do. All data that goes through PopID servers is immediately encrypted using FIPS 140-2 validated security modules. We segregate our environment, so the network connections to the data in our own systems are highly restricted. Access to it is rigorously scrutinized and has to pass multiple security inspections before it is allowed.
Device security
All PopID devices are Payment Card Industry Data Security Standard (PCI-DSS) compliant with end-to-end encryption (E2EE) enabled. They also feature tamper detections, centralized management, and OTA (over the air) updates.
Compliance
We stay up-to-date on all regulations and compliance matters. PopID is PCI-DSS compliant, and we are in the process of obtaining additional certifications.
Bug bounty program
We're excited to announce PopID will be partnering with HackerOne, the industry leader in hosting bug bounty programs. Its goal will be to grant us an additional layer of protection for our customers and the data they trust us with. Please feel free to visit us at HackerOne/PopID.
Contact
Feel free to contact our Security Team with any questions or concerns regarding our privacy or security.
Email our Security Team.