Information Security
Rapyd handles and maintains sensitive information in accordance with the most stringent PCI standards.
PCI Level 1
The Payment Card Industry (PCI) has established strict security requirements for the processing, handling, transmission and storage of sensitive data that is required for processing card transactions when the card is not present. The requirements are set forth in the PCI Data Security Standard (DSS). For further information, see PCI Security Standards Council.
Rapyd has passed stringent independent onsite assessments by a Qualified Security Assessor and is certified as a Level 1 service provider.
Rapyd and PCI-compliant clients can handle the following sensitive personal data:
Name
Card number
Expiration date
Card security code (CVV)
Clients without PCI certification must not collect any sensitive personal data and cannot use features of the Rapyd platform that require that data. To handle card transactions without PCI certification, use hosted pages.
Checkout Page - Card payments.
Card Token - A token for a card payment method that is stored in Rapyd's vault.
Beneficiary Token - A token for a beneficiary for payouts.
Hosted PIN Management - Managing card PIN numbers.