Paysa’s physical infrastructure is hosted and managed within Digital Ocean’s secure data centers, governed by Digital Ocean’s security and privacy policies. Digital Ocean’s data centers provide 24/7/365 onsite security and security cameras to protect against unauthorized entry. Digital Ocean’s data centers also employ biometric access controls, and two factor authentication in order to gain access to the buildings. Each Digital Ocean facility is unmarked so as not to draw any additional attention from the outside and adheres to strict local and federal government standards. You can read more about Digital Ocean Security and Privacy on the Digital Ocean website.
When you sign up for online access, Paysa asks you to create your own username and password, to access your accounts. This information is encrypted during transmission. We enforce strong passwords that must be eight or more characters and include at least one number and one uppercase letter. Your Paysa account will be locked after three incorrect login attempts. If your account has been locked due to too many invalid login attempts you can request that your account be unlocked through the Paysa service.
Paysa’s system will automatically log you off from www.paysa.com after 2 hours of inactivity. This reduces the risk of others accessing your information from your unattended computer.
Paysa’s computer systems are protected 24 hours a day by powerful firewalls that block unauthorized entry. In order to gain access to authorized information, the web browser you are using must know the proper protocol, or language, and even then only select information is available.
From the moment account information leaves your computer to the time it enters Paysa’s system, all online access and login sessions are encrypted. Paysa employs some of the strongest forms of encryption commercially available for use on the Web today.
Look for a "closed lock" icon in the lower right-hand corner (Microsoft Internet Explorer) or in the left end of the address bar (Google Chrome) or in the right end of the address bar (Firefox 2) or in the top right corner (Safari) of your browser to determine if encryption is being used on any Web page you are viewing. Any Web address beginning with "https://..." indicates the page you are viewing uses encryption. The "s" stands for "secured."
Once we receive your account information, we make reasonable efforts to ensure security on our systems, including regularly auditing data stored on our servers, protecting it in secure, environmentally-protected data storage facilities and enforcing "need-only" log-in access permissions for authorized personnel. We also maintain a security incident log, and enforce data privacy and security protocols and train all employees on these policies to best protect data from accidental, unintentional, or malicious exposure, improper distribution or potential theft.
Paysa maintains and monitors our security systems to help protect your accounts.
You are responsible for protecting your password and account information by not disclosing your personal account information to others including your email address and password, and by promptly reporting any incidents of unauthorized Paysa account access or use, or any incidents compromising the security of your email account used by Paysa by emailing Paysa at [email protected].
If you receive a suspicious email, phone call or text message that looks like it is coming from Paysa, let us know about it immediately. Forward the original email you received as an attachment or provide a description of the phone call or text message to [email protected]. Someone from Paysa will contact you as appropriate. Paysa will take the necessary steps to address suspicious events.
If you discover a security vulnerability in any of our services, we would love to hear from you.
We are grateful for all your hard work to identify any weaknesses in Paysa. Depending on the potential severity of your report, we would like to reward you for responsibly disclosing vulnerabilities with an acknowledgement on our Whitehat thank you page, and/or swag.
See our Whitehat thank you page for a list of all who've helped contribute to keeping Paysa safe for our users.