Protecting your security and privacy is important to us. If you have questions or encounter any security-related issues,
please contact us at email@example.com or file an issue on HackerOne.
The PCI DSS certification process is designed to protect your sensitive data. VES is a certified Level 1 PCI Compliant Service Provider (the highest level), which requires an annual independent security audit of our processes and systems. We test our system daily (manually and automatically) to ensure security.
VES uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with RSA 2048 bit key and SHA 256 certificate) and in our databases (AES 256 encryption with unique per-row keys). Our servers are kept in PCI and SSAE16 certified datacenters with 24×7 monitoring.
Training and education
All VES employees undergo background checks and security training. The development team follows strict SDLC process and OWASP security guidelines.
Protecting your money
Your money is held in a protected account by our FDIC-insured or CDIC-insured partner bank, so your funds are never at risk.
We do the heavy lifting
As security standards evolve, so do our systems. As a Level 1 PCI compliant service provider, we do ongoing work to keep our systems and services secure behind the scenes, thus making it easier for you to meet compliance obligations.
Reporting and disclosure
We investigate all reported vulnerabilities, so if you believe you’ve discovered a problem, please email firstname.lastname@example.org
You can find our PGP key below. This can be used to encrypt your communication with us or to verify signed messages you receive from us.