If you’ve been following us over the past few years, you know we treat security as a practice. We completed Level 1 PCI DSS certification within the first several months of our existence and wrote about why that matters—even though we’re not a payments processor. We also set our sights on SOC 2 certification, which we’re excited to announce we’ve just completed for the first time!

Why This Matters

System Organization Control (SOC 2) is an auditing standard maintained by the American Institute of Certified Public Accountants (AICPA) to test an organization’s internal controls for information security and privacy. Both SOC 2 and PCI are frameworks for ensuring that businesses are operating responsibly and protecting the information that their customers entrust with them. 

We’ve prioritized adding these compliance frameworks because it’s the right thing to do operationally and to further earn the trust of respected payments leaders like Adobe, Crocs, Eventbrite, and [insert your business’ name here]. 

We’re a data company, and we take that responsibility seriously.

How This Impacts You

We don’t operate on PIIA data, so SOC 2 is a certification we’ve opted into whereas PCI is a requirement.

Kind of like our no-code solutions, this certification reduces complexity and adds value in the form of time and predictability for our customers. The ability to provide a summary report of our SOC 2 certification is proof that we’re operating in alignment with industry-established best practices, which cuts through a lot of red tape for our customers and makes it easier for any business to get started with us.

So really, the only difference you should notice is the speed at which you can get to the important business of taking control of your payments data. We’re managing the complexity on our end so you don’t have to. 

Contact us to learn more and get started with Pagos today!