Protecting your security and the security of your customers is very important to us. We take a variety of safety and security precautions to ensure your personal data and payment data are kept safe at all time. To keep you safe, we utilize a combination of security technology, training and education and secure partners to ensure you have bank-level security while using WePay.
WePay uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with RSA 2048 bit key and SHA 256 certificate) and in our databases (AES 256 encryption with unique per-row keys). Our servers are kept in PCI and SSAE16 certified datacenters with 24x7 monitoring. Each of our employees undergo rigorous security training periodically to ensure there are no breaches in our system. All money you collect is held in a protected account by our partner bank, an FDIC-insured institution, so your funds are never at risk. Our systems are tested frequently and are inline with PCI compliance requirements resulting in WePay's Level 1 PCI Compliant rating.
PCI-DSS stands for Payment Card Industry Data Security Standards. PCI-DSS certification is designed to ensure cardholders' information is well-protected and managed by payment companies like WePay. To earn a PCI certification, WePay undergoes an annual third-party audit of our security process and procedure. Systems are tested daily and employees are held to strict standards and levels of security education. WePay has been certified at the highest level of PCI compliance as a Level 1 PCI Compliant Service Provider.
For additional information, you may visit the security page on our site.