Eventpop Security Guide

Updated on 08 May 2020


PCI Compliant

Our payment gateway provider complies with PCI-DSS 3.2.1 as service provider.
  • Omise, 2C2P, PayPal is registered with Visa, Mastercard and JCB as PCI-compliant service provider.
  • Credit card information is never stored after transaction authorization.
  • Secure payment with payment data encryption.

Hosting Environment

Amazon EC2 hosts Eventpop's production systems.
  • PCI-DSS Level 1 Service Provider.
  • ISO 27001 certified.
  • Independently verified and audited.
  • SAS-70 Type II and SSAE16.
  • Amazon AWS PCI Compliance site.

Privacy

Your privacy is contained behind secured networks to ensure protection of sensitive information.

System Development

Eventpop is committed to designing, develop and maintaining secure systems.
  • All web and mobile applications are developed, tested, deployed, and maintained by a full-time, in-house engineering team.
  • No credit card information is permitted to be stored on any mobile device.

Our Organization

Eventpop has taken appropriate measures to vet our employees.
  • All employees are subject to reference, education, and other personnel checks. Certain employees are also subject to detailed background checks.
  • Require written acknowledgement by employees of their roles and responsibilities with respect to protecting user data and privacy.