Security

GivingFire is committed to your data security while you give online and in-person.

GivingFire has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 2. To accomplish this, we use the best-in-class security tools and practices to maintain a high level of security at GivingFire.

  • GivingFire uses a 256-bit encrypted SSL certificate on all pages of our site. HTTPS is forced on all pages.
  • GivingFire is PCI Level-2 Compliant, a heightened level of security set by the federal government.
  • GivingFire undergoes regular third-party security audits.
  • GivingFire retains an online security expert in addition to our regular development staff to periodically review our servers, code, and policies.
  • GivingFire does not store credit card or bank numbers on any of our servers.

ONLINE TRANSACTIONAL SECURITY

GivingFire does not store credit card numbers or other payment credentials in permanent storage in any form, encrypted or unencrypted. We those numbers briefly pass through our system while being processed and then they are permanently deleted (except for the last four digits) from our system. In the case of recurring transactions, credit/ACH information is stored with our upstream gateway. Gateways are built specifically for processing and storing card data securely.

GivingFire goes through periodic third-party audits to make sure our security is up-to-speed, use secure SSL certification to encrypt transactions from the donation page to our servers, and keep our firewalls, server software, and underlying code up-to-date to prevent any breach.

KIOSK TRANSACTIONAL SECURITY

Kiosks and card-present donation acceptance methods contain hardware-level encryption in addition to software-level SSL encryption to protect the data. Each enclosure has card encryption software built into it from the factory that can’t be turned off or modified. GivingFire’s proprietary kiosk app further handles the data passthrough from the hardware to the servers. The card data remains encrypted, even to GivingFire servers, until it reaches the gateway. At that point it reaches the same level of security as the rest of our donations.