We take security really, really seriously. See below for some of the measures we have implemented to ensure our platform is as secure as it can be:
- SSL
- PCI compliance
- Encryption of sensitive data
- IP checks to prevent suspicious activity
- Cross Site Request Forgery (CSRF) & XSS prevention
- Dos attack protection
- Invisible reCAPTCHA to stop bots
- Auto logout (after 30 mins)
- User lockout (After consecutive fail attempts to login, register and reset password)
- Auditing all ABNs, organisations and causes (keep history of changes)
- Role based access control for SF users
-
Not storing credit card or bank details of donors