Security Policy


PLEASE READ THIS AGREEMENT IN ITS ENTIRETY AS THE TERMS MAY HAVE CHANGED
Updated: 01/06/2018


As an ordering & payment platform, thousands of businesses outsource their transaction security to us. It is our top priority to ensure that your customers’ transaction data is kept secure at all times.

Transaction security
All transaction information passed between merchant sites and Cibo Pay’s systems is encrypted using 128-bit SSL certificates. No cardholder information is ever passed unencrypted and any messages sent to our partner acquirers servers through their secure API's. You can be completely assured that nothing you pass to Cibo Pay’s servers can be examined, used or modified by any third parties attempting to gain access to sensitive information. We do not hold any card information, then the type of card and last 4 digits of the card nr.

Encryption and Data Storage
Once on our systems, all sensitive data is secured using the same internationally recognized 256-bit encryption standards used by, among others, the UK Government. The encryption keys are held on state-of-the-art, tamper proof systems, making them all but impossible to extract. The data we hold is extremely secure and we are regularly auditing our systems ensure it remains so.

System security
Cibo Pay’s systems are scanned monthly by our data Engineer, who is a Qualified Security expert.

Links to banks
Cibo Pay has multiple server links to the none payments 3rd party partners, that are completely separate from the servers used to ordering and payments data. Our payments and ordering data do not cross any publicly accessible networks. Any cardholder information sent to the acquirers and any authorization message coming back is secure and cannot be tampered with.

Internal security
All Cibo Pay servers are hosted at Microsoft server parks, which are controlled by Iris Scanners, which are the latest and most precise biometric security devices available for identification. As used by; chemical plants, airports, police stations, prisons and other facilities where security is paramount. No one can enter or leave the building without a valid security pass.

Staff validation
All employees at Cibo Pay are Criminal Records Bureau (CRB) checked prior to employment and no unauthorized individual has access to or is able to decrypt transaction information or cardholder data. All transaction information and customer card information (the type of card and last 4 digits of the card nr) are secure even from our own employees.

Disaster recovery
Cibo Pay operates on twin data centers to ensure optimal system security and uptime and has a full disaster recovery and business continuation policy.