Swipr uses industry-leading security measures to protect your payment information and personal data.
PCI DSS Compliance
All payment processing is handled by Stripe, a PCI DSS Level 1 certified processor — the highest level of security certification in the payment industry. Swipr never stores your full credit card number, CVV, or other sensitive payment data on our servers.
Encryption Standards
All data transmitted between your device and our servers uses TLS 1.2 or higher encryption (HTTPS). Payment data uses AES-256 encryption. Data stored in our databases is encrypted at rest. Our infrastructure on AWS Montreal maintains SOC 2 and ISO 27001 certifications.
Access Controls
Swipr limits employee access to personal data through strict role-based access controls. Only team members who need specific data for their job functions can access it. All administrative access requires multi-factor authentication. Access is logged and audited regularly.
Fraud Detection
We use automated systems to monitor for suspicious activity including unauthorized account access, unusual booking patterns, and payment fraud. If suspicious activity is detected on your account, we may temporarily restrict access and notify you to verify your identity.