Security


Topics in this Section

Non-repudiation API Authentication

Non-repudiation API authentication is a type of authentication that allows PaymentsOS to verify that the request originated from you and has not been tampered with during transmission.

End to End Encryption

If you are SAQ D compliant, you can use our End-to-End Encryption (E2EE) service to encrypt a card holder’s data. End-to-end encryption introduces an additional layer of security by safeguarding a user’s card data during transit, from the moment you collect the card data until it reaches its destination.

Security Considerations

We recognize that security is a primary concern to any online business and to businesses in the payment industry in particular. With numerous threats confronting online businesses and their customers every day, we have made it our number one priority to safeguard your payment processes and data.

Responsible Disclosure Policy

At Zooz we value the security community and believe that a responsible disclosure of security vulnerabilities helps us ensure the security and privacy of our users. We also value the hard work that goes into security research. If you have discovered a security vulnerability in our website or API, we appreciate your help in disclosing it to us in a responsible manner. To show our appreciation for security researchers, we operate a bug bounty (reward) program for those who have responsibly disclosed vulnerabilities to us.

IP Address Restriction

If desired, we can restrict access to our Payments API to a specific set of IP addresses.

Last modified November 15, 2021