Knowing your transactions are secure is critical for your fundraiser. Thankfully, Stripe is the global leader in online payments for a reason: security.
Donor banking and transactions are safe with Stripe, the global leader in online payments. At Stripe, security is at the heart of their payment processing.
Where is my data held?
All Canadian account data is stored in Canada. For more info, see Stripe's Canadian Services Agreement here.
What measures have been taken to secure data?
Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1 - the most stringent level of certification available in the payments industry today. Stripe makes use of best-in-class security tools and practices to maintain a high level of security at all times.
Card numbers are all encrypted at rest with AES-256. Decryption keys are stored on separate machines to maintain security. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can only request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share credentials of any kind with Stripe’s primary services (API, website, etc.).
Where are my payments processed?
All Canadian accounts are processed in Canada. Curious to know more? Check out Stripe's Canadian privacy agreement here.
Did this answer your question? If not, please feel free to contact us using that teal chat bubble on the lower right corner of your Trellis account dashboard.