Security & Privacy at AdvicePay
We’ve designed the AdvicePay system to maximize data security at every level by observing industry best practices and regulatory frameworks to protect our customers’ data.
How We Protect Data — for You and Your Clients
Payment Information
AdvicePay submits payment requests to Stripe securely via tokenization. Customer information is never stored directly on any AdvicePay servers. This approach enables information to remain securely stored in one place, guarding against compromise.
As a U.S.-based payment processor that manages billions of dollars each year, Stripe has been audited by a Payment Card Industry (PCI)-certified auditor and is certified to PCI DSS Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Stripe annually performs a SOC 2 Type II audit for compliance.
Hosted Infrastructure
AdvicePay’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Services (AWS). Amazon continually manages risk and undergoes recurring assessments to ensure compliance with data security industry standards.
Amazon’s data center operations have been accredited under:
- ISO 27001, ISO 27017, ISO 27018
- SOC 1/SSAE 16/ISAE 3402, SOC 2, SOC 3
- PCI DSS Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
- SEC Rule 17a-4(f)
Encrypted Communication
AdvicePay exclusively uses HTTPS to ensure confidentiality and data integrity. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website to which you are connecting. You can be confident all interactions between client and advisor browsers and the AdvicePay website are encrypted using the secure HTTPS protocols.
Fraud Prevention
AdvicePay employs adaptive machine learning to detect and prevent fraud by using Radar, a data aggregator used to identify potential fraud indicators across all of Stripe’s 100,000+ businesses. These proactive steps work to improve fraud detection and reduce the risk of improper use of the platform.
Data Privacy
Your data privacy and preferences concerning the collection of your information are important to AdvicePay. The AdvicePay Privacy Policy describes our privacy practices that apply to AdvicePay website visitors and individuals who register to use the AdvicePay services. Please contact our support team if you have any questions about the AdvicePay Privacy Policy.
SOC 2 Type II
AdvicePay undergoes an annual SOC 2 Type II audit that is performed and delivered by the CPA firm KirkpatrickPrice. The audit specifically tests AdvicePay’s reporting controls that relate to security and availability. This attestation provides evidence that AdvicePay has a strong commitment to security and to delivering high-quality services to its clients by demonstrating that it has the necessary internal controls and processes in place.
The successful completion of the SOC 2 Type II examination and audit highlights AdvicePay’s continued commitment to deliver best-in-class solutions and safeguards to protect and secure our customers’ data. This Attestation of Compliance is widely known as the industry benchmark for SaaS businesses and the most stringent examination of an organization’s security controls, policies, and procedures. We are proud to exceed customer expectations when it comes to protecting their data.
Penetration Tests
AdvicePay undergoes annual, independent, third-party penetration tests of our technology to help identify any internal risks before issues arise.
More information
- Maintenance, incidents, and operational security issues are reported on our Status Page
- To report a security bug or vulnerability, please email support@advicepay.com
- For additional information on our standards, refer to our Terms of Use or Privacy Policy
PCI SAQ A
As a merchant service provider, AdvicePay performs a PCI Self Assessment Questionnaire (PCI SAQ A) on an annual basis as required by our partner Stripe. The PCI SAQ A is a validation tool that assists in evaluating and attesting to compliance with the PCI Data Security Standard (DSS). AdvicePay partners with Stripe, which performs all cardholder data functions. Stripe is a certified PCI DSS Level 1 payment processor. AdvicePay, as a merchant service provider, does not perform any cardholder data functions, including storage, processing, or transmission of card data.