At FaithStreet, we understand the trust you extend to us when you enter personal information on the internet. We take seriously our responsibility to keep your information safe and secure.
FaithStreet Giving is PCI DSS (https://www.pcisecuritystandards.org/pci_security/) compliant and our merchant service is certified at PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Our security features include the use of encrypted HTTPS and HSTS when sending sensitive information. This keeps the information we send to our merchant service private.
Your sensitive information is only sent one time, when you first add a credit card or bank account. We reduce the potential attack surface by not storing your credit card or bank account number on our servers. Instead, it exists securely with our merchant service, which also provides payment services for companies like Twitter, Pinterest, Lyft, OpenTable and Kickstarter.
The bit and bytes are physically secured and digitally monitored to confirm their persistent safety. The actual servers hosting our site are in ISO 27001 and FISMA certified data centers. The application infrastructure undergoes regular penetration tests, vulnerability assessments, and source code reviews to assess security.