OnBoard takes data security very seriously.
Our platform is fully GDPR and PCI-DSS compliant, and we've enlisted only the best service providers for infrastructure, secure application development, and compliance management.
-
PCI Compliant cloud infrastructure with 99.9% average uptime
-
Application level AES 256 bit encryption
-
All connections are secured using TLS 1.2 and all data is encrypted at rest
-
PAN data is PGP encrypted and transferred using the NGO's valid PGP key in armoured format
-
Options to tokenize data from a processor and send to in-house systems
-
Personal data deletion once the original purpose or use of the client data has been realized.
-
Onboard platform built using proper security protocols and with a "Privacy by Design" methodology.
-
TR-39 PIN Security and Key Management compliant. Organization controls are in place around PIN-based transactions; including encryption, key management, and key protection.
-
Proprietary eSignature framework compliant with ESIGN Act, UETA and Electronic Signature and Records Association (ESRA) legislation
-
CASL compliant Commercial Electronic Message (CEM) processes for strict adherence to anti-spam and privacy laws
