ECOMMPAY Passes SOC2 Audit – Proving Commitment To Keeping Data Safe

October 5, 2020
Enter email and subscribe

Thank you for subscribing to our newsletter

ECOMMPAY has passed its annual Service and Organization Controls 2 (SOC 2) check, performed by SPL AUDIT.

The audit is designed to make sure service providers who store their clients’ data in the cloud, undertake all the necessary measures to keep that data safe. SOC2 is the international reporting standard for information security risk management systems. The standard has been developed by the American Institute of Certified Public Accountants, AICPA.

Passing this audit further shows the commitment that ECOMMPAY has to provide its clients with the very best in data security. The audit process consists of the following elements:

  • What practices have been implemented
  • How stated procedures are followed
  • How changes to the process are registered.

Why do we need this?

Any company that is providing services, especially in the financial and e-commerce field, may potentially present a threat for its customers. From time to time, customers, especially large corporations, may have questions like:

  • Can we trust them?
  • What mechanisms, technologies do they use to protect our data?

In order to give a suitable answer to these questions, it’s better to use an outside expert opinion (SOC2 auditor). For ECOMMPAY it’s important that our clients and partners don’t feel the need to question the reliability of our products and services. Safe in the knowledge that our internal processes are in line with external regulations.

What was examined by the auditors?

  1. What constitutes our services: 1.1 Services of card transaction execution through interfaces PaymentPage, API, SDK, etc. 1.2 Services of financial reporting to merchant
  2. How our systems interact with merchants, merchants’ customers and our partners (Payment systems)
  3. How the process control is organised
  4. What control tools ECOMMPAY has, and what control tools ECOMMPAY’s merchants have
  5. Services’ risk exposure, what control tools allow minimising these risks.

All major companies publish a brief report annotation without sensitive data in the public domain, thus showing a high level of maturity in processes and services.

Subscribe to ECOMMPAY Newsletter

Thank you for subscribing to our newsletter

Now you are a part of the ECOMMPAY community.

Subscribe to our Newsletter

Sign up to our bi-monthly newsletter to get the latest fintech news, updates and insights.
Business type*
The information you submit to us by filling this contact form will be processed in accordance with ECOMMPAY's Privacy Policy. We kindly encourage you to read our Privacy Policy carefully.
Thank you!
A confirmation message has been sent to your email address. Please click the link in the email to activate your subscription. If you didn't get the email, please check your spam or bulk email folder.

No results found. Please try searching for different keywords.