Pin Payments takes several steps to prevent unauthorised disclosure or modification of sensitive information.
As a Level 1 Service Provider, our software, systems and procedures have been assessed and certified to the highest level of compliance provided by the PCI Data Security Standards.
Pin Payments' Product and website are subject to periodic manual and automated security audits. Audits are conducted internally as well as by third parties.
Credit card information is encrypted and stored in a system completely isolated from Pin Payments. At no time is unencrypted card data stored on disk either inside Pin Payments' system or in the card storage system. Internally card information is referenced only through the use of a token. The token is not derived from card information in any way.
All requests to our website and API are forced to use HTTPS to ensure encrypted communications.
Hosted Fields provides a library to outsource your acceptance of credit card payments to minimize your PCI requirements, while integrating seamlessly with your existing pages and styles.
Pin.js is a small javascript library which you can use to dramatically reduce the scope of your PCI compliance obligations. Using Pin.js allows a website to accept payments without ever handling credit card data.