Our philosophy
At PayGlocal, we take security very seriously. We understand that our customers entrust us with their data, and we are committed to maintaining its confidentiality, integrity, and availability. To achieve this, we have implemented innovative security strategies that constantly evolve to remain ahead of emerging threats. Our security strategy includes not only technical safeguards, such as encryption and firewalls, but also robust policies and procedures that govern employee access and behavior. We believe that our customers deserve nothing less than the highest level of security, and we are dedicated to providing it.
Authentication
PayGlocal utilizes the latest encryption standards, applied cryptography, and a security framework to authenticate and communicate with each merchant using a zero-trust architecture.
We use JWT-based authentication with the RS256 signature algorithm (RSA with SHA-256).
End-to-End Encryption
PayGlocal is committed to safeguarding customers' sensitive information throughout its lifecycle. The data entering the system embarks on a journey, starting from the user, going over the wire, and traversing through the edge, perimeter, business, and restricted layers. At various checkpoints along this journey, there are moments when the SSL connection is temporarily terminated and restarted, potentially leaving the payload vulnerable and exposed in its unencrypted form.
However, PayGlocal takes an extra step to fortify the security of customer data by encrypting the data before it even enters the network. By implementing this additional layer of encryption, we ensure that the data is accessible in its clear, readable form only where and when it is absolutely necessary.
We use AES with a 256-bit key in GCM mode to encrypt data.
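The effect of encrypting the payload before it enters the network can be seen in a small Node.js simulation. This is an added example, not PayGlocal's code or wire format: the envelope fields (`iv`, `ct`, `tag`), the `context` string bound as associated data, the pre-shared key and the sample card data are all assumptions constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Sender: encrypt before the data leaves the client. GCM needs a fresh 96-bit IV
// for every message under the same key. `context` (hypothetical, e.g. merchant id
// plus endpoint) is bound as AAD so an envelope cannot be replayed elsewhere.
function sealPayload(key, plaintext, context) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(context, "utf8"));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const b64 = (buf) => buf.toString("base64");
  return { iv: b64(iv), ct: b64(ct), tag: b64(cipher.getAuthTag()) };
}

// Receiver: returns the plaintext, or null when the 128-bit tag does not verify
// (ciphertext, IV, tag, context or key differs from what the sender used).
function openPayload(key, env, context) {
  try {
    const iv = Buffer.from(env.iv, "base64");
    const d = crypto.createDecipheriv("aes-256-gcm", key, iv, { authTagLength: 16 });
    d.setAAD(Buffer.from(context, "utf8"));
    d.setAuthTag(Buffer.from(env.tag, "base64"));
    const pt = Buffer.concat([d.update(Buffer.from(env.ct, "base64")), d.final()]);
    return pt.toString("utf8");
  } catch (err) {
    return null;
  }
}

// Constructed stand-in for a hop that terminates TLS: it sees the request body in
// the clear and may alter it before re-encrypting the connection to the next layer.
function tlsTerminatingHop(env, tamper) {
  const seen = JSON.stringify(env);
  if (!tamper) return { seen, forwarded: env };
  const ct = Buffer.from(env.ct, "base64");
  ct[0] ^= 0x01; // flip a single ciphertext bit
  return { seen, forwarded: { ...env, ct: ct.toString("base64") } };
}

const key = crypto.randomBytes(32); // constructed 256-bit key; distribution not shown
const body = '{"pan":"4111111111111111","amount":"10.00"}'; // constructed test data
const env = sealPayload(key, body, "merchant-123:/payments");
const clean = tlsTerminatingHop(env, false);
const altered = tlsTerminatingHop(env, true);
console.log("hop sees PAN:", clean.seen.includes("4111111111111111"));
console.log("untouched:", openPayload(key, clean.forwarded, "merchant-123:/payments"));
console.log("tampered:", openPayload(key, altered.forwarded, "merchant-123:/payments"));
```

The intermediate hop only ever handles ciphertext, and because GCM is authenticated, a modified envelope is rejected at decryption instead of yielding altered plaintext.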
Compliance
PayGlocal is PCI-DSS Level 1 Certified
We believe security compliance is an effective way to mitigate risk and build trust. PayGlocal has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified to PCI DSS v4.0 at Level 1. PCI DSS is the most stringent level of certification available in the payments industry.