Keeping You Safe: Pagos’ Ongoing Commitment to Data Security and Compliance

The Pagos suite of payments insight and orchestration tools continues to grow and improve with every passing day. Such improvements include launching an updated version of Parrot (our easy-to-use BIN API service), multiple new data visualization dashboards in Peacock, and a new feature in Canary for quickly reviewing entire sets of related data anomalies. Alongside these regular product improvements, we’ve also launched and expanded our Toucan and Loon products, designed to give every business easy access to network tokenization and account updater services respectively. As we bring more Pagos customers into this incredible nest, the more data we manage; in fact, the number of processed transaction events in our platform has grown at such an exponential rate, we stopped announcing milestones in January once we crossed one billion events (that number is now closer to 3.5 billion, by the way).

Like we said, there’s been a lot of growth.

All that being said, one thing about Pagos hasn’t changed and never will: our unwavering commitment to data security and compliance. We gave you a glimpse into how we act on this commitment in our Security Compliance = A Safer Nest blog post from November 2022, and it’s time for an update! In today’s post, we’ll review the Pagos approach to data security and break down the actions we’re taking to maintain compliance even in the face of unprecedented business growth.

Security as a Practice

Data security sits at the heart of everything we do here at Pagos. The businesses who work with us need visibility into their payments data to understand:

• Major customer segments (no PII needed!) 

• How to position themselves to different customer markets

• What payment methods to offer

• What payment service providers to work with or route certain transactions through

• So much more! 

In order to gain that insight, they trust us with their customer data so we can aggregate and harmonize it, then serve it back to them in a digestible way. We take that trust very seriously.

To demonstrate our commitment, we have obtained PCI 4.0 certification in advance of it being required and have our sights set on obtaining SOC2 in the near future. Such certifications exemplify how we’ve met security and compliance requirements set by the major card brands, such as maintaining highly secure and high-availability infrastructure, penetration testing of Pagos environments, strong encryption and data management, and robust policies and procedures. Any opportunity we have to make our customers’ lives easier through certification—especially when leveraging what we feel we must do—is a win for all parties. Our security teams can speak the same language and accelerate getting to work on delivering value.

Delivering Security in Our Product

We’ve built our products with data security in mind, ensuring we not only provide a valuable service, but that our customers can always trust us with their sensitive information. Here’s how we deliver on this:

• Minimizing PII Data – We descope and remove all Personally Identifiable Information (PII) data wherever we identify it. If we don’t need the data to deliver value, we don’t process or store it at all. Additionally, we have intelligent systems in place to remove any personally identifiable data sent through our data connections in error. 

• User Control – When you import your payments data into Peacock and Canary through our no-code data connections, you are always in control of the data that is shared and the data connection itself. In fact, you can turn off a data connection or add new ones any time you’d like!

• Secure Data Handling – In cases where sensitive data is required, such as tokenizing PANs with Toucan or handling PAN updates with Loon, you can rest assured that your data is handled securely within our PCI-certified environment.

Partnering on Compliance

We recognize that many of our enterprise clients are equally security-conscious, and we are committed to collaborating with them to meet their security clearance requirements. If your business has information security or risk assessments you require of solution providers like Pagos, we’re more than happy to comply. It’s built into the Pagos onboarding process to review all security concerns with you, and we’ll always tailor our responses and support to your requirements.

Take a look at our Data Policy and Privacy Policy and let us know if you have any questions regarding security clearance

Contact Us to Learn More!

At Pagos, we understand that data security is not a box to check, but an ongoing practice and ethos that we must embrace in our business practices and product design. Our certifications, stringent security measures, and commitment to collaboration with our clients are all part of our dedication to building a safer nest for everyone.

As our flock continues to grow and evolve, so too will our commitment to security, ensuring that you can always trust Pagos with your valuable data. Contact us to learn more or sign up for a demo today!