AdvicePay is the only billing and payment solution designed for financial planners and their unique business needs. Explore the features created to serve you and your clients.
Have Confidence in a Secure System
We’ve designed the AdvicePay system to maximize data security at every level of our payment processing. AdvicePay utilizes multiple third-party vendors to provide services as applicable to the AdvicePay application. AdvicePay engages with the Stripe payment processing platform, a U.S.-based payment processor that manages billions of dollars each year. Stripe has been audited by a Payment Card Industry (PCI)-certified auditor and is certified to PCI DSS Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Stripe annually performs a SOC 2 Type II audit for compliance.
How We Protect Data — for You and Your Clients
Payment information is never stored in our database.
Payment Information is never stored in our database. AdvicePay submits payment requests to Stripe securely via tokenization. Customer information is never stored directly on any AdvicePay servers. This approach enables information to remain securely stored in one place, guarding against compromise.
Data is hosted to maximize compliance and security.
AdvicePay Infrastructure is hosted to maximize compliance and security. AdvicePay’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Services (AWS). Amazon continually manages risk and undergoes recurring assessments to ensure compliance with data security industry standards.
Amazon’s data center operations have been accredited under:
- ISO 27001, ISO 27017, ISO 27018
- SOC 1/SSAE 16/ISAE 3402, SOC 2, SOC 3
- PCI DSS Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
- SEC Rule 17a-4(f)
For additional information on AWS compliance see: AWS Security and Compliance
All communications are encrypted.
AdvicePay uses HTTPS exclusively to ensure confidentiality and data integrity. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website to which you are connecting. You can be confident all interaction between client and advisor browsers and the AdvicePay website are encrypted using the secure HTTPS protocols.
AdvicePay employs adaptive machine learning to detect and prevent fraud by using Radar, a data aggregator used to identify potential fraud indicators across all of Stripe’s 100,000+ businesses. These proactive steps work to improve fraud detection and reduce the risk of improper use of the platform.
SOC 2 Type II
AdvicePay performs an annual SOC 2 Type II audit that is performed and delivered by CPA firm, KirkpatrickPrice. The audit specifically tests AdvicePay’s reporting controls that relate to security and availability. This attestation provides evidence that AdvicePay has a strong commitment to security and to delivering high-quality services to its clients by demonstrating that they have the necessary internal controls and processes in place.
The successful completion of the SOC 2 Type II examination and audit highlights AdvicePay’s continued commitment to deliver best-in-class solutions and safeguards to protect and secure our customers’ data. This Attestation of Compliance is widely known as the industry benchmark for SaaS businesses and the most stringent examinations of an organization’s security controls, policies, and procedures, and we are proud to exceed customer expectations when it comes to protecting their data.
PCI SAQ A
As a merchant service provider, AdvicePay performs a PCI Self Assessment Questionnaire (PCI SAQ A) on an annual basis as required by our partner Stripe. The PCI SAQ A is a validation tool that assists in evaluating and attesting to the PCI Data Security Standard (DSS) of compliance. AdvicePay partners with Stripe who performs all card holder data functions. Stripe is a certified PCI DSS Level 1 payment processor. AdvicePay as a merchant service provider does not perform any cardholder data functions including storage, processing, or transmission of card data.
We’re committed to continuous improvement in data security.
AdvicePay undergoes annual, independent, third-party penetration tests of technology to help identify any internal risks before issues arise.
Need to share this information? Download our AdvicePay Security Overview.