We take your online security seriously.
We’ve asked Doug McGlashan, whose company ensures the safety of online gifts made at kcrm.org, to explain how each donation transaction is kept secure. Here are his comments:
With regards the issue of security we use industry standard measures which include:
• SiteSafe validation which includes 128-bit encypted information which ensures the donor’s personal data is protected
• PCI DSS compliance. Also, here is some specific information about the security of recurring donations that we process:
For recurring donations we only keep tokenized information for recurring accounts that are current. We do not keep tokens of the data for any one time transactions and data is destroyed when a recurring transaction is ended or declined the first time.
In order to be PCI compliant the data has to be hashed and encrypted in such a way that it is useless outside of special programs. The token we keep only works with our account through processing the rest of the information with Authorize.Net. There is no way to re-combine, extract and transfer that information that is PCI compliant. PCI laws are very strict and PCI compliance is difficult to maintain without applying such measures.
If you have any questions about giving to KCRM, please contact Julie Larocco at firstname.lastname@example.org. Thank you!