Ensuring Kasada is compliant with leading industry standards allows us and our customers to maintain the highest level of confidence in our product offerings.
Kasada is a Level 1 Service Provider compliant with PCI DSS version 3.2.1.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes: Visa, MasterCard, American Express, Discover, and JCB. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. PCI DSS v3.2.1 is the current version, which came into effect in July 2018.
Typical customer use cases do not require cardholder data (CHD) to be transmitted by our product. Kasada will never store your credit card information.
SOC 2 Compliance
Kasada is a SOC 2 Type 2 compliant Service Provider.
System and Organization Controls (SOC) is a standard developed by the American Institute of CPAs (AICPA) that is widely used by service providers around the world. Kasada has obtained SOC 2 compliance to give our customers the information and confidence they need about our controls protecting customer data.
Each year, an accredited third-party auditor conducts a detailed evaluation of our services against the AICPA Trust Services Criteria. Our Type 2 report details our security, confidentiality, and availability controls. This is available upon request.