Security has been one of our biggest considerations in the development of the Band Of Hands application and website. We utilize one of the best payment providers in the industry, Stripe. Their system and js.platform has been audited by a PCI-certified auditor and is certified to a PCI-DSS (*) Service Provider Level 1. This is the most stringent level of certification available.
(*Payment Card Industry-Data Security Standard (PCI DSS).
Stripe forces HTTPS for all services, including their website. The Band of Hands website also utilizes SSL certifications. All payment details such as credit card numbers, bank and routing account numbers are encrypted on Stripe servers. None of Stripe's internal servers are able to obtain plain text card numbers. Stripe's infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure and doesn't share any credentials with Stripe's primary services (API, website, etc.). By utilizing Stripe.js, no credit card or bank account information is stored on the Band of Hands platform or servers.