Security

Customer trust and data security are critical to everything we do at Paytient.

Product Security

Password & Credential Storage

Paytient enforces a password complexity standard and credentials are stored using bcrypt.

Uptime

We strive to have an uptime of 99.9% or higher. You can check the past month's stats at https://status.paytient.co

Network & Application Security

Data Hosting and Storage

Paytient services and data are hosted in Amazon Web Services (AWS) facilities in the USA.

Failover and DR

Paytient was built with disaster recovery in mind. All of our infrastructure and data are spread across 2 AWS availability zones and will continue to work should any one of those data centers fail.

Virtual Private Cloud

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests from reaching our internal network.

Backups and Monitoring

At the application level, we produce audit logs for all activity, ship logs to Datadog for analysis, and use S3 for archival purposes.

Permissions and Authentication

Access to data is limited to authorized employees who require it for their job. Paytient is served 100% over HTTPS. We have 2-factor authentication (2FA) and strong password policies on GitHub, Google, and AWS so cloud services are protected.

Encryption

All data sent to or from Paytient is encrypted in transit. Our API and application endpoints are TLS/SSL only. We also encrypt data at rest using an industry-standard encryption algorithm.

Incident Response

Paytient implements a protocol for handling security events which includes escalation procedures, rapid mitigation, and post-mortem. All employees are informed of our policies.

Additional Security Features

Training

All employees complete Security and Awareness training annually.

Policies

Paytient has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.

Employee Vetting

Paytient performs background checks on all new employees in accordance with local laws. The background check includes employment verification and criminal checks for US employees.

Confidentiality

All employee contracts include a confidentiality agreement.

Security Questions?

Get In Touch

If you think you may have found a security vulnerability, please get in touch with our security team at security@paytient.co.