Security

Security is one of the biggest considerations in everything we do. If you have any questions, or encounter any issues, please contact us at contact@kidneybuzz.com.

PCI

The service we use to take payments has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.

SSL and HSTS

KidneyBuzz.com uses a company that forces HTTPS for all services, including our public website. They regularly audit the details of our implementation: the certificates served, the certificate authorities used, and the ciphers we support. 

Encryption

All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of our internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. KidneyBuzz.com's payment process infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with primary services (API, website, etc.).

Summary

I can best sum it up like this: All of your personal Credit Card information is safe with KidneyBuzz.com's trusted system. If you have any questions, feel free to email contact@kidneybuzz.com.