Security Information

Last updated May 6th 2015

Your security is our highest priority at Payhero

At Payhero we take security of your data and your customers information VERY seriously.

Payhero is hosted in a dedicated hosting environment with 24x7 security. Physical access to the network is strictly limited and monitored. Private networks are strictly segmented according to function. Restrictive firewalls protect communication entering the network and between private networks. All access to Payhero's network and services is strictly logged.

Audit logs are reviewed on a regular basis. Internal and external network penetration tests are performed on a regular basis by third-parties. Two-factor authentication and strong password controls are required for administrative access.

Physical & Network Security

Payhero uses Amazon's AWS platform and infrastructure. Payhero employees do not have any physical access to our production environments.

Further information on AWS security and infrastructure.

"The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It provides an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities, with military grade perimeter control berms. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in. They are also continually escorted by authorized staff."

In addition to physical security, the AWS platform also provides Payhero significant protection against traditional network security issues on the infrastructure such as

  • Distributed Denial Of Service (DDoS) Attacks
  • Man In the Middle (MITM) Attacks
  • IP Spoofing
  • Port Scanning
  • Packet sniffing by other tenants

Security Audits

Payhero’s Product and website are subject to periodic manual and automated security audits. Audits are conducted internally as well as by third parties.

Sensitive Information Storage

Credit card information is encrypted and stored in a system completely isolated from Payhero. At no time is unencrypted card data stored on disk either inside Payhero’s system or in the card storage system. Internally card information is referenced only through the use of a token. The token is not derived from card information in any way.

SSL

All requests to our website and API are forced to use HTTPS to ensure encrypted communications.

Disclosure

We work continuously to make our systems secure. If you discover any security issues, please submit them to security@payhero.co. We take security as our highest priority. We will make sure the issue is fixed and updated at the earliest.

Sydney Office

Level 1, Fairfax House
19-31 Pitt Street
Sydney, New South Wales

Adelaide Office

L2, Majoran Coworking
14 Grenfell Street
Adelaide, South Australia

Contact

Phone+61 0412 970 233

Emailhello@payhero.co

Websitehttps://www.payhero.co

Visit Payhero Support

Try Payhero for Free

Sign up now for a free 14 day trial of Payhero with no comittment or contracts.

Sign Up Now