Compliance & Security @PayGlocal

PayGlocal has implemented a security mesh & zero trust architecture to achieve the "never trust, always verify" approach.

Got questions? Write to us at infosec@payglocal.in

Our philosophy

At PayGlocal, we take security very seriously. We understand that our customers entrust us with their data and we are committed to maintaining its confidentiality, integrity, and availability. To achieve this, we have implemented innovative security strategies that constantly evolve to remain ahead of emerging threats. Our security strategy includes not only technical safeguards, such as encryption and firewalls but also robust policies and procedures that govern employee access and behavior. We believe that our customers deserve nothing less than the highest level of security and we are dedicated to providing it.

Authentication

PayGlocal utilizes the latest encryption standards, applied cryptography, and a security framework to authenticate and communicate with each merchant using a zero-trust architecture.

We use JWT-based authentication using the RS256 encryption algorithm.

End-to-End Encryption

PayGlocal is committed to safeguarding customers' sensitive information throughout its lifecycle. The data entering the system embarks on a journey, starting from the user, going over the wire, and traversing through the edge, perimeter, business, and restricted layers. At various checkpoints along this journey, there are moments when the SSL connection is temporarily terminated and restarted, potentially leaving the payload vulnerable and exposed in its unencrypted form.

However, PayGlocal takes an extra step to fortify the security of customer data by encrypting the data even before it even enters the network. By implementing this additional layer of encryption, we ensure that the data is only accessible in its clear, readable form only where and when it is absolutely necessary.

We use an AES with a key strength of 256 bits and a GCM algorithm to encrypt data.

Compliances

PayGlocal is PCI-DSS Level 1 Certified

img

We believe in security compliance, an effective way to mitigate risk and build trust. PayGlocal has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a Level 1 PCI DSS v4.0 certification. PCI DSS is the most stringent level of certification available in the payments industry.