Data Security

PayNearMe Inc. takes our partners’ information very seriously, and has comprehensive privacy and security assessments and certifications performed by multiple third parties.

PayNearMe Inc. (“PayNearMe”) completes an annual PCI DSS assessment using an approved Qualified Security Assessor (QSA). The auditor reviews the PayNearMe environment, which includes validating the infrastructure, development, operations, management, support, and in-scope services. The PCI DSS designates four levels of compliance based on transaction volume. PayNearMe is certified as compliant under PCI DSS version 3.2.1 at Service Provider Level 2.

The assessment results in an Attestation of Compliance (AoC) issued by the QSA. The effective period for compliance begins upon passing the audit and receiving the AoC from the assessor, and ends one year from the date the AoC is signed. The AoC is available to customers to show the QSA has determined that PayNearMe Inc. is in compliance with PCI DSS v3.2.1.

PayNearMe Inc. (“PayNearMe”) is ISO/IEC 27001:2013 certified. To achieve the ISO/IEC 27001:2013 certification, PayNearMe’s security compliance was validated by an independent audit firm after demonstrating an ongoing and systematic approach to managing and protecting company and customer data. The annual ISO 27001 certification audit was conducted by A-LIGN, an ANAB-accredited third party.

A-LIGN, an independent, third-party auditor, has found PayNearMe to have technical controls in place and formalized IT Security policies and procedures. A-LIGN is an ISO / IEC 27001 certification body accredited by the ANSI-ASQ National Accreditation Board (ANAB) to perform ISMS 27001 certifications. PayNearMe has implemented several security measures and countermeasures that protect it from unauthorized access or compromise and IT personnel were found to be conscientious and knowledgeable in best practices.

Compliance with this internationally recognized standard confirms that PayNearMe’s security management program is comprehensive and follows leading practices.