Our customer data is stored on secure servers on a secure cloud computing platform at AWS.
Amazon Web Services Security
The AWS cloud infrastructure represents that it has been designed and is managed in alignment with regulations, standards, and best practices, including:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
- SOC 2
- SOC 3
- PCI DSS Level 1
- ISO 27001
- DIACAP and FISMA
- FIPS 140-2
All our employees go through a background check and reference check prior hiring and are required to sign a confidentiality agreement.
We securely encrypt your passwords. Passwords are one-way encrypted using the bcrypt algorithm, with a random salt for each password. This means that only the original creator of the password knows its value. This type of encryption is extremely difficult to break. When passwords must be retrieved, public/private key encryption is used, with a key length of 4096 or greater. Access and retention of passwords are strongly controlled and logged.
23Reviews do not store any credit card numbers and security information. When you provide a credit card number to purchase our service, it is turned into a secure token by our payment processing company. We only store the secure token on our system. We do not collect or store personal financial data, SIN or government-issued ID numbers of any kind.
How to protect your 23Reviews account?
Do not share your passwords with anyone. Make sure that your password contains both numbers and letters and it at least eight characters in length. Try to update your password on a regular basis.