Security

We maintain the highest level of security when handling your data

Physical Security

Our services are hosted by Amazon Web Services (AWS), the foremost provider for cloud services. All datacenters which handle and store your private information are ISO 27001 & PCI DSS L1 Certified, providing the highest level of physical security available.

Credit Card Security

All billing for Payboy subscriptions are handled through Stripe. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification. Stripe is trusted by thousands of small and large companies to power commerce for their business. Your sensitive credit card information therefore never reaches Payboy servers, and is handled by trusted, specialists in credit card security. The billing process is fully PCI compliant.

Secure Communications

All communications with Payboy is done through HTTPS/TLS, so you can be confident that any data transfer to and from Payboy is secure from eavesdropping or tampering. Our SSL certificates use 2048-bit keys and are signed with the state of the art SHA-256 encryption algorithm.

Database Security

All data within Payboy is encrypted at rest. This means that our server and database hard disks are encrypted using the industry standard AES-256 encryption algorithm, and your data is secure not only during transfer, but also when idle or shut down.

Ultra-Reliable Backups

Your data is backed up at an unprecedented hourly rate unlike competing services which maintain only daily or weekly backups. Furthermore, your backups are stored in a replicated and encrypted (AES-256) fashion, so that there are always redundant, yet secure copies of your data at multiple physical locations.

Strict Chain of Custody

Payboy maintains a strict chain of custody when accessing databases, servers and internal systems. None of your company's and employees' information is ever unnecessarily exposed to our staff and none of our technical support staff have any access to our servers. Only our engineering team has access to backend servers on a need-to-use basis.

Need to Report a Security Vulnerability?


Please email us directly at security@payboy.biz


Responsible Disclosure


We would like to keep Payboy safe and secure for everyone. If you have discovered a security vulnerability, we would greatly appreciate your help in disclosing it to us in a responsible manner.


Publicly disclosing a vulnerability can put all Payboy users at risk. If you have discovered a possible vulnerability, we would greatly appreciate you emailing us at security@payboy.biz. We will work with you to assess and understand the scope of the issue and fully address any concerns. Any emails are immediately sent to our engineering team to ensure that issues are addressed rapidly. Any security emails are treated with the highest priority as the safety and security of our service is our primary concern.