cards

Complete peace of mind

We are committed to keeping your and your users’ data secure by implementing the latest and most advanced regulations, policies, and technologies.

See our PCI certificate
Business person surrounded by security icons

PCI DSS LEVEL 1 CERTIFIED Round green checkmark

The PCI SSC defines the criteria to maintain the security of card data at your business and issues certificates to the complying companies. The criteria include well-known practices like:

  • Shield iconFirewalls
  • Safe data iconData transmission encryption
  • Anti-virus iconAnti-virus programs

A PCI certificate tells your users that it’s safe to transact with you and that their details are secure. Conversely, non-compliance might lead to lost customers, as the trust in your brand will be low.

LEVEL 1

It’s the highest and strictest level of PCI and it allows us to serve businesses of all sizes. In order to maintain this status, we undergo an audit once a year, as well as a quarterly PCI scan.

BridgerPay checkout with fingerprint icon and satisfied customer completing a purchase on his phone
See our PCI certificate

PCI DSS REQUIREMENTS

There are 12 requirements, divided into 6 categories, that must be met in order to obtain a PCI certification. You can find them outlined below.

secure-network
Secure network

Firewalls must be installed and maintained. Passwords must be different from those supplied by vendors.

secure-cardholder-data
Secure cardholder data

Protection of cardholder's data. Encryption of data transmitted on public networks.

vulnerability-management
vulnerability management

An anti-virus must be present and always up to date. Regular development and maintenance of secure systems.

network-monitoring-and-testing
network monitoring & testing

Access to data must be monitored. All security protocols and systems have to be regularly tested.

access-control
access control

Card data must be accessible only on a need-to-know-basis. Every person in the organization must have a unique ID for computer access.

information-security
information security

Development and maintenance of an information security policy.

Find out more about PCI DSS

Learn more

DATA PROTECTION

Your data is yours, and no one else’s. We collect only the information we need and keep it safe, obeying the strictest policies. We don’t sell your data and you can request its deletion anytime.

Lock icon
Encryption

We use TLS 1.3 to encrypt traffic and use AES-256 bit encryption for our databases and data stored at rest.

Checklist icon
Penetration Tests & Audits

We are periodically audited by independent third parties and undergo penetration tests to make sure we are always compliant with the strictest policies.

Training icon
Security By Training

All BridgerPay’s employees undergo rigorous ongoing training about:

  • Information security and cyber-security
  • Privacy
  • Password security
Shield icon
Physical Security

We are entirely cloud-based, and no data is kept on the premises. Nonetheless, our offices are protected by ID-based access, CCTV, and alarm systems.

Cloud icon
Secure infrastructure

We use Google Cloud Platform (GCP) for hosting. GCP data centers are monitored 24/7/365 and give us access to the same security-by-design infrastructure Google uses for its applications.

Read more on GCP’s security page
A relaxed customer using BridgerPay's checkout

Sub-processors

salesforce
aircall
google-cloud
stripe
livestorm
logrocket
intercom
survicate
salesforce
aircall
google-cloud
stripe
livestorm
logrocket
intercom
survicate
salesforce
aircall
google-cloud
stripe
livestorm
logrocket
intercom
survicate
Any questions about PCI or other security matters?
Get in touch by emailing [email protected]

BridgerPay is the world’s first payment operations platform, built to automate ALL payment flows, empowering ANY business.

Eleftherias street, 153 Limassol, 3042, Cyprus
Derech Menachem Begin 144, Tel Aviv-Yafo, 6492102, Israel
Ariba Network logo
Verified by Visa logoMasterCard SecureCode logoVisa Secure logoPCI DSS logoSSL Encryption logo
BridgerPay is not a PSP (payment service provider), or an acquiring service, and we do not provide any processing merchant accounts. Bridger is a SaaS (software-as-a-service) company that allows businesses to utilise one API to consume all payments from any method or provider that is connected within BridgerPay’s ecosystem.