fbpx

PCI-DSS Compliance

Curi Inc. PCI-DSS Compliance Statement

Curi Inc. is fully committed to the smooth and secure transaction processing of all transactions with our customers. We adhere to the Payment Card Industry Data Security Standard (PCI-DSS) to ensure the highest level of security for our users’ data.

Secure Hosting:

CuriPOS.com and Curi.lc are hosted with a PCI-compliant hosting provider, ensuring that our infrastructure meets the stringent security standards required for secure payment processing.

SSL Certificate:

All transactions between our servers and clients are encrypted using the latest Secure Socket Layer (SSL) technology, providing robust protection against data interception and ensuring the integrity of all data exchanges.

Secure Payments:

We only use PCI-DSS compliant payment gateways, such as Stripe and PayPal, to process payments. This ensures that our customers’ payment information is handled with the highest level of security, meeting all PCI-DSS requirements.

Strong Passwords:

We enforce strong password policies across our platforms and, in some cases, implement two-factor authentication (2FA) to add an additional layer of security for user accounts.

Firewall & Security Plugins:

We install and maintain top-tier security plugins and firewall protection to safeguard our systems against unauthorized access, malware, and other potential threats.

Data Encryption:

Sensitive data, including payment information, is encrypted both in transit and at rest. This ensures that even if data is intercepted, it remains protected and unreadable to unauthorized parties.

Regular Scans:

We conduct regular security scans and vulnerability assessments to proactively identify and address any potential security risks. This helps us maintain the highest level of security and compliance with PCI-DSS standards.

Access Control:

Curi Inc. does not store any cardholder information on our servers. All payment information is securely handled by our PCI-DSS compliant payment gateways, ensuring that sensitive data is never stored or accessible within our systems.

Audit Logs:

We maintain detailed audit logs to monitor and review all access and changes to sensitive data. These logs are regularly reviewed to detect and respond to any unauthorized activities.

Commitment to Continuous Improvement:

Curi Inc. is committed to continuous improvement and regularly reviews and updates our security measures to stay ahead of emerging threats and ensure ongoing PCI-DSS compliance.