Curlec is a shared payment service provider. You bear some responsibility for the security of your payment ecosystem.

Curlec is responsible for all the backend systems and payment data we process and share with banks. Our security and compliance programme ensures that we are always compliant against PCI-DSS, ISO 27001 and SOC 2 global compliance standards.

While Using the Curlec Payment Gateway

It is critical to ensure the security of your API keys and Dashboard credentials. Ensure that you store these details in safe places and only share them with trusted team members.

Additionally, ensure that a customer's payment information only reaches your servers if you are

PCI DSS

certified.

Sensitive Data

On the Curlec Payment Gateway, all the details entered by a user, like their name, address, and credit/debit card information, are used only to process and complete the order. Curlec never stores sensitive information like CVV numbers, PINs and so on.

Shared Responsibility Model

While Using the Curlec Payment Gateway

Related Information