Security & PCI Compliance

As a PCI SSC Participating Organization, we’re always up to date on emerging threats and changes in data security standards.

your business is in safe hands

QuickPayGateway goes above and beyond to make sure our systems are secure. Get the confidence of knowing that you, your merchants and their customers can transact safely.

PCI DSS Level 1 compliance

QuickPayGateway has continuously maintained PCI DSS Level 1 certification. We’re audited annually by independent security assessors to ensure we’re adhering to the industry’s highest level of certification and PCI standards.

Disaster recovery

QuickPayGateway is built to withstand local and global events. We have a number of data centers in North America, the UK and Europe. Our infrastructure is carefully designed to avoid single points of failure, allowing for continuous service and unrivaled survivability. We only use service providers that maintain at least two physical fiber entry points into our data centers, plus diverse and multiple paths into their own core networks.


We’re committed to providing the highest availability so you don’t have to deal with unhappy customers. That means we don’t just troubleshoot errors when they happen: we aim to detect and resolve issues before they impact transaction processing. We check availability from points all over the world every five minutes or less, and our entire infrastructure is monitored around the clock to alert our engineers of potential trouble.

Penetration testing

We’re constantly testing our systems to ensure they’re secure. We perform rigorous automated vulnerability scans several times a month on both our internet-facing and internal infrastructure.

Secured access

The QuickPayGateway network has been built with minimal access to outside networks and the internet. Internally, we use a series of highly segmented networks so only specific servers can communicate with each other. Access between network segments is highly restricted by robust firewall rules.

Vulnerability Management

All internet-facing and internal infrastructure is updated as soon as security patches are made available by the vendor.

Distributed Denial of Service mitigation

We use a leading third-party DDoS mitigator that quickly scrubs malicious internet traffic when needed.

QuickPayGateway uses our rigorous cardholder data security measures to comply with the European General Data Protection Regulations (GDPR), maintaining the integrity and confidentiality of all personally identifiable data. We regularly check that in-scope data is current and that the controls to protect it are working.