Security is one of the biggest considerations in everything we do. If you have any questions, or encounter any issues, please contact us at


The service we use to take payments has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.

SSL and HSTS uses a company that forces HTTPS for all services, including our public website. They regularly audit the details of our implementation: the certificates served, the certificate authorities used, and the ciphers we support. 


All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of our internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist.'s payment process infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with primary services (API, website, etc.).


I can best sum it up like this: All of your personal Credit Card information is safe with's trusted system. If you have any questions, feel free to email