Keeping your data secure & ensuring compliance
Rainforest removes the headache of securing your online payments, while reducing your team’s regulatory and compliance burden. We’ve demonstrated our commitment to security by becoming PCI DSS Level 1 certified and hosting our platform on AWS.
We ensure the privacy & safety of your data
Rainforest removes the headache of securing your online payments, while reducing your team’s regulatory and compliance burden. We’ve demonstrated our commitment to security by becoming PCI DSS Level 1 certified. Our platform is also hosted on AWS.
Reduced attack surface & immutable infrastructure
Our fully automated, reproducible deployment pipeline creates a containerized environment with no unrequired packages within our production environment. All infrastructure is read-only and implemented using Infrastructure-as-Code.
Code reviews and automated scanning
All changes to our infrastructure and platform deployments must undergo strict code reviews and automated code scanning to identify any defects, vulnerabilities, 3rd party library security issues, and the presence of secrets within our code.
Automated enforcement of secure coding standards
Automated controls are in place to enforce our secure coding standards and change management controls. No one can skip a step. Every line of code must undergo a pull request and proper security scanning.
Logical access and identity access management
Rainforest implements multiple layers of logical access control, creating fortress-like layers of protection around our data assets and infrastructure.
Firewalling and service minimization
Our infrastructure employs Web Application Firewalling and security groups and restricts traffic to API calls over HTTP/S. No direct user access is permitted in our production environments or databases. Services run in full network isolation.
Rootless administration via infrastructure-as-code
All changes to our platform take place via Infrastructure-As-Code and source code deployments, subject to our strict DevSecOps and change management controls. No direct changes are permitted within our production environments.
Principle of least privilege
Permissions are set at a minimum level and managed through a central directory utilizing Single-Sign-On for provisioning, terminations, and audits.
Two-factor authentication
Rainforest enforces two-factor authentication for all users, across all applications, for access to Rainforest business systems.
End-to-end encryption
Rainforest encrypts your data end to end, from the point of receipt at the user interface level, until it exits in our systems and is processed by our 3rd party payment gateway partners.
Data encryption everywhere
Data is encrypted in transit at all stages of data transmission and processing, including between services within our internal networks. Payment card information is encrypted at rest, at the row level within our production databases.
Payment tokenization
Rainforest implements payment tokenization to further reduce the risk of Primary Account Numbers (PAN) exposure in plaintext as part of data processing.
High availability, globally managed — our platform
Rainforest Pay lives on Amazon Web Services (AWS), using globally available services across multiple regions to ensure maximum updates and high performance — regardless of where your customers are doing business.
DDoS mitigation
Distributed Denial of Service protection is available on all Rainforest services.
Backup and restore
Data is snapshotted and continuously backed up, separate from production datasets.
.svg)
Best-in-class uptime
Through the use of AWS-based platforms and infrastructure, we can provide status updates on our services and platforms.
.svg)
Get started today.
Boost revenue with Rainforest
