Plastiq uses 256-bit Extended Validation (EV) Secure Socket Layer (SSL) encryption technology to secure information as it travels across our network. This technology ensures that no third party can access information as it is entered into our site. Our technology platform is designed to protect your data in transit and keep it safe and secure when it is here.
Plastiq is a certified Payment Card Industry Data Security Standard (PCI DSS) compliant company, and our security precautions exceed these standards. PCI DSS compliant means that our technology, policies, and procedures have been audited by an official third party and have passed the requirements established by the major credit card brands such as Visa, MasterCard and American Express. We continually assess our technology and operations to ensure we remain in compliance with these certified third-party requirements.
Plastiq only allows access to data through fully authenticated and authorized users. We use multiple authentication schemes, including third parties where appropriate, to verify the identity of users during account registration and payment processing. Access confidential data is only permitted after the users are authenticated via multiple factors.
In addition to the day-to-day security precautions we take, Plastiq also uses automated vulnerability scans by Trustwave to ensure our system is secure from all attacks. Trustwave is a recognized provider of cloud based compliance and information security solutions and is the industry standard for system vulnerability protection across North America.