When sending information over the Internet, that data is at risk of attackers secretly intercepting. These types of attacks are called man in the middle attacks. To prevent these types of vulnerabilities, we require all interactions with Durianpay, including our website, Dashboard and APIs, be made only through HTTPS.
When accepting payments using Durianpay, you will be handling sensitive user information such as card details, personal data and other sensitive information. Extra care and thought must be put to ensure that your system remains compliant with security standards and that the communication between your customer and your servers stay secured.
We designed and built our entire platform with security and ease of integration in mind, doing the complicated security operations for you so you don't have to. Nonetheless, security is a shared responsibility and applies to both PayMongo and your business.
The following security concepts are used repeatedly during integration, namely encryption, authentication and tokenization:
Encryption - Defend against malicious agents intent on stealing and abusing collected data during server and endpoint exchange.
Authentication - Limit access to data and collection of information between authorized users and applications.
Tokenization - Keep sensitive information secure in servers and protect it from becoming targets from malicious agents.
All sensitive payment information is entered on our platform. So there is no need to jump trough hoops to make your website PCI DSS certified. We have got you covered.