At ChargePay, your peace of mind is our top priority. We understand the critical importance of security in today's digital landscape. Rest assured that your data and financial transactions are in safe hands with us.
We take proactive measures to protect your information and maintain the highest standards of security in the industry.
Our dedication to security is reflected in our SOC 2 compliance, which sets stringent standards for data protection and security practices.
This means that our systems and processes meet the highest industry standards, ensuring the safety of your sensitive information.
Rest assured that when it comes to collecting data for chargeback responses, we prioritize the security of your information.
We exclusively utilize order, customer, and payment data within our secure servers, guaranteeing that it remains within our system and under our vigilant protection.
Security Throughout ChargePay's Chargeback Process
At ChargePay, we acknowledge the critical importance of your payment provider in the success of your business. Our commitment to security is ingrained in every facet of our organization. ChargePay operates as a security-driven organization, and we prioritize the protection of your sensitive data at every step.
When it comes to integrations with our approved partners like PayPal, Shopify, and Stripe, we exclusively utilize official APIs provided by these trusted platforms. It ensures a secure and seamless connection that adheres to the highest industry standards.
To submit disputes on your behalf, we follow the 'least privilege' principle, requesting only limited read-write privileges when necessary. We want to emphasize that we will never create a charge or customer on your behalf, maintaining a clear separation of roles and responsibilities.
At ChargePay, we employ industry best practices and cutting-edge technologies to safeguard your data from unauthorized access, disclosure, inappropriate use, and loss of access. Our commitment extends to our sub-processors, who adhere to rigorous security policies and standards. They remain up-to-date with industry compliance requirements, including PCI and GDPR, ensuring that your data remains protected and compliant with relevant regulations.
If you ever have any security concerns, please do not hesitate to reach out to us directly at security@chargepay.ai. Your peace of mind & data security is our priority, and we are always ready to address your questions or concerns.
Everything is powered by AI making the entire process is completely hands free.
ChargePay AI learns to identify chargeback fraud and counters them automatically protecting your business.
Comprehensive Security Features
1.Data Encryption
At ChargePay, the security of your data is our utmost priority. We employ a dual-layered approach to data encryption, utilizing both our proprietary encryption technology and the robust AWS server encryption protocols. All data volumes within our AWS infrastructure are encrypted using the industry-standard AES-256 algorithm.
Additionally, all communication with ChargePay is secured through encryption, ensuring that your sensitive information remains confidential and inaccessible to unauthorized parties. These encryption measures enhance the overall security of your transactions and business operations.
2.Credit Card Security
At ChargePay, the security of your credit card data is of paramount importance. When a business owner enters their credit card information, rest assured that it is never stored within our system, nor is it transmitted through our servers.
Instead, we entrust this critical data to Stripe, a leading payment processor certified to PCI Service Provider Level 1—the highest level of certification available in the industry. You can access Stripe's detailed security information online.
This approach ensures that your credit card data remains secure, as it is handled by a trusted and certified payment provider, offering you peace of mind and top-tier protection for your financial information.
3. Multi-Factor Authentication (MFA)
At ChargePay, safeguarding your data from malicious attacks and unauthorized access is a top priority. To ensure an extra layer of protection, we have implemented Multi-Factor Authentication (MFA) across our system. MFA acts as a robust defense mechanism on top of our server's username and password authentication.
MFA is enabled for every ChargePay account that may have access to your data. This additional layer of security requires users to provide multiple forms of verification before gaining access, such as something they know (password), something they have (a security token or device), and something they are (biometric authentication). These multiple factors collectively provide an elevated level of security, enhancing the protection of our system's settings and resources.
By integrating MFA, we ensure that only authorized individuals with the right credentials can access sensitive data, minimizing the risk of unauthorized access and bolstering the overall security of your information.
4. OAuth 2.0 Integration
At ChargePay, we prioritize secure and standardized integration methods, which is why we adhere to the industry-standard OAuth 2.0 framework. OAuth 2.0 serves as our gold standard for integrating with trusted payment providers such as PayPal, Stripe, Shopify, and Shopify Payments. Our integration processes are facilitated via their official OAuth applications: Stripe Connect, Login with PayPal, and Login with Shopify.
OAuth 2.0 is an open standard authorization framework designed to enable applications to access user accounts on HTTP services securely. It functions by delegating user authentication to the service hosting the user account while authorizing third-party applications, like ChargePay, to access that user account. This framework provides versatile authorization flows suitable for web and desktop applications, as well as mobile devices.
One key advantage of using OAuth 2.0 is the control it grants you. You maintain the ability to revoke ChargePay's access at any time, directly through your respective PayPal Dashboard, Stripe Dashboard, Shopify Dashboard, or right within your ChargePay Dashboard. This level of control empowers you to manage and oversee the integration securely, ensuring that your data remains protected and accessible only as needed for your business operations.
Security Throughout ChargePay's Chargeback Process
At ChargePay, we take every measure to ensure the security of our infrastructure, which is hosted on Amazon Web Services (AWS). AWS data centers are equipped with multiple layers of physical security to safeguard your data:
Physical Access Barriers
AWS data centers are fortified with several physical access barriers, including alarms, crash-rated outer perimeter fencing to deter vehicle intrusion, electronic access cards, video surveillance, and internal trip lights.
Restricted Employee Access
ChargePay employees do not have physical access to AWS data centers, servers, network equipment, or storage. This ensures that only authorized personnel can interact with our infrastructure.
AWS Server Locations
The precise location of the AWS servers hosting our infrastructure varies based on various factors. For security reasons, Amazon does not disclose the exact physical addresses of its data centers. However, you can trust that AWS maintains strict security measures to protect our hosted services.
For more in-depth information on AWS security features, you can refer to 'Introduction to AWS Security.' Rest assured, your data is housed in a secure environment with layers of physical access protection, ensuring the utmost security and confidentiality.
Transparency and Disclosure
At ChargePay, we are committed to transparency and keeping you informed about the security of your data. In the event of a security data breach, we adhere to GDPR regulations, ensuring that you, our valued customer, are promptly notified within 72 hours, as feasibly as possible.
This swift notification process is in place to provide you with the necessary information and steps to safeguard your interests.
Additionally, we maintain live reporting of our operational uptime and any issues through our dedicated status page. You can stay updated on the status of our services by subscribing to email notifications from our status page at the ChargePay Status Page.
This proactive approach to communication allows you to stay informed about any potential disruptions or issues, ensuring a seamless and secure experience with ChargePay.