RafflesNow uses a top payment processor which is "Industry Recognized" as well as validated as a Level 1 PCI DSS compliant service provider.
What is PCI DSS Compliant you ask?
- The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry-mandated requirements that apply to any business that handles, processes, or stores credit cards. Being PCI compliant requires annual action. RafflesNow ensures and maintains monthly PCI Compliance. For additional information, here is a link to the PCI Security Standards Counsel: www.pcisecuritystandards.org/
Important other technical & security details:
- Data Security - Data Security is of enormous importance to us, important vital steps are taken to safeguard customer information.
- Data Encryption - Cardholder data is managed in a Vault, using multiple encryption keys with split knowledge and dual control. A data thief would not be able to make use of information stolen from a database without also having the key. This data store cannot be connected to via the internet.
- Activity Monitoring & Testing - Employee, customer, and vendor activity is reviewed & observed to guard against suspicious and/or unauthorized activities. Automated vulnerability scans are conducted at least quarterly, and at least once a year we have extended penetration testing conducted by outside sources.