Parachute360 uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with RSA 2048 bit key and SHA 256 certificate) and in our databases (AES 256 encryption keys). We lever the power and security of Amazon Web Services to keep your data secure. Amazon Web Services (AWS) is Soc 1/ISAE 3402, Soc 2 and Soc 3 compliant and PCI DSS Level 1 compliant.
Parachute360 offers bank level security to keep your data secure. The highly secure cloud computing environment of AWS has achieved a number of internationally recognized certifications and accreditations, demonstrating compliance with third-party assurance frameworks, including those that impact most financial services organizations such as PCI-DSS, SEC Rule 17-a-4(f), Reg SCI, EU Data Protection Directive, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171. For more information visit: https://aws.amazon.com/financial-services/security-compliance
The PCI DSS certification process is designed to protect your sensitive data. Parachute360 does not store any payment information on our servers (including credit cards numbers, and bank account information). In addition to the PCI DSS Level Compliance of AWS, our credit card processor (Stripe) is a certified Level 1 PCI Compliant Service Provider (the highest level), which requires an annual independent security audit of its processes and systems. This is the most stringent level of certification available in the payments industry.
Parachute360 has a Penetration and Vulnerability Testing program. Penetration Testing is an authorized simulated cyberattack which enables us to evaluate the security of our system, as well as any vulnerabilities that could enable unauthorized third parties to access our system.
All Parachute360 employees undergo background checks and security training. The development team follows strict SDLC process which includes security validations and automatic penetration test.
We investigate all reported vulnerabilities. If you believe that you have discovered a vulnerability with our system and/or with your account please email us at firstname.lastname@example.org.