Thousands of property managers trust PayProp to manage their payments, so our top priority is to ensure that their data is kept secure at all times.
PayProp employees are trained in all aspects of web application security, including infrastructure vulnerabilities, cross-site scripting, secure data storage, and the use of the software development lifecycle to maintain and improve security. Our systems allow access only to authorized staff.
All transaction information entering PayProp systems is encrypted using 128-bit SSL certificates. No information is ever passed unencrypted in a web browser to PayProp. Nothing you enter as part of a secure PayProp transaction can be examined, used or modified by any third parties attempting to gain access to sensitive information.
PayProp protects customer data using rigorous physical, electronic, and personnel security measures. Once on our systems, data is encrypted and stored securely in dedicated hosting facilities at our Data Center. PayProp servers are hosted in the Amazon Cloud (US Region). Application services are load balanced between different data centers (availability zones) ensuring high availability. The cloud environment also allows for rapid auto scaling, ensuring optimal performance during periods of high traffic.
Encryption and data storage
In addition to real time replication of data to multiple data centers, up to three additional layers of backups are provided. The network architecture within the data center employs sophisticated controls and authentication technologies to protect business information and prevent unauthorized access. We employ the industry-standard, 128-bit Secure Socket Layers (SSL) protocol through a certificate, to ensure that information is neither intercepted nor corrupted during transmission over the internet. In addition, we use encryption technology to protect data when stored on disk.
In addition to the physical and network-related security measures implemented by Amazon to protect their data centers, we deploy additional layers of firewalls to further improve security. The entire PayProp service application, including your data, runs securely behind firewalls and is constantly monitored by security specialists.
PayProp runs on AWS, a secure, durable technology platform with industry-recognised certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, HIPAA, and SAS 70 Type II.
If you discover a vulnerability, please inform us so that we can take steps to address it. We appreciate your help in protecting our clients and our systems.
Please email your findings to firstname.lastname@example.org, providing sufficient information to reproduce the problem. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require more detailed explanation.
Do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability, or by deleting or modifying other people's data. Do not reveal the problem to others until it has been resolved.
We will respond to your report within three business days with our evaluation of the report and an expected resolution date. If you have followed the instructions above, we will not take any legal action against you in regard to the report. Furthermore, we will handle your report with strict confidentiality, and will not pass on your personal details to third parties without your permission. We will keep you informed of our progress towards resolving the problem.