Your address will show here +12 34 56 78
QWIKPAY SECURITY AND DATA STORAGE


 

 

 

Security Tiers of Qwikpay

 

Prohibited Data Storage

We never store the raw magnetic stripe, PAN or PIN Block information of each credit/debit card processed and only store critical transaction information per gateway execution.

 

Data Encryption and storage

Cardholder data is stored using advanced encryption methods. A data thief would not be able to make use of information stolen from a database without also having the key. The data store where cardholder data is kept in a remote location.

 

Authentication and Session Management

We require all users to authenticate each time they use the application and inactive sessions time out after 30 minutes. Passwords are never stored directly in the database, but are salted and hashed using a slow hash function to increase security. In addition, all communication between merchants and us is conducted in a secure fashion using SSL.

 

Recurring Billing Tokenization

Qwikpays recurring billing option uses the latest credit data processing infrastructure to mitigate all risks associated with card data storage by way of credit data tokenization. This makes subscription management much more flexible and available to Merchants to manage their own base of customers.

 

Reliability

We have high redundancy onsite and offsite. Onsite data is mirrored on individual servers using RAID and is also hot synced between servers. Data is also encrypted and backed up off site with an undisclosed third party.

 

Activity Observation

All activity by our users or internally by our employees is extensively logged in a tamper-proof fashion.

In addition to having a Web Application Firewall, we engage in the practice of extensive internal code reviews of all the software we develop.

 

Penetration Testing

We conduct automated vulnerability scans. In addition, at least once a year we have extended external penetration testing conducted by outside sources.

 

Securing Access

Our network has been set up in a secure fashion with minimal access to outside networks. Internally, we use segmented networks so only servers which work together can communicate with each other.

We facilitate secured patching and software updates of all our systems, including watching numerous online resources for the latest vulnerabilities.

We also provide guidance to merchants on how to securely interact with our services using later, more secure versions of our API.

 

  • Text Hover
 

Data Security

Terms & Conditions

© All rights reserved 2018. Qwikpay Pty Ltd.