Security & Compliance
Protecting Data So You Don’t Have To
Secure Payment Processing
How Paragon Protects Sensitive Data
Every day, partners and merchants alike rely on the PURE Processing Platform to power their payments. Purpose-built by payment industry veterans and maintained entirely in-house, our platform has security and compliance at its core. Featuring a comprehensive suite of payment solutions that simplify data security, and reduce the cost and complexity of PCI compliance, the PURE Processing Platform is ideal for all payment environments including card-present point-of-sale, mobile payments and e-commerce.
Our Scope-Reducing Technologies
Widely accepted as the best way to secure cardholder data in transit, Paragon’s P2PE protects cardholderdata at the point of entry (manual key-entry or card-swipe), rendering it useless to hackers. Merchants leveraging this technology completely remove the transmission of cardholder data from their environments, protecting customers and simplifying PCI compliance. Software applications featuring P2PE are considered out-of-scope of PCI compliance.
Tokenization technology replaces cardholder data with a non-sensitive token, that is mathematically irreversible, to facilitate card-on-file/scheduled payments. By rendering cardholder data both inaccessible and unusable, this time-saving solution minimizes the risk of fraud and reduces the scope of PCI compliance for merchants and software providers alike.
Hosted Payments securely connects a website or shopping cart application to the PURE Processing Platform enabling credit card and ACH payments. With our Hosted Payments solution, software applications collect the non-sensitive data needed to perform a payment transaction, while Paragon securely handles all sensitive cardholder data. Applications leveraging this technology are considered out-of- scope of PCI compliance while merchants benefit from simplified compliance requirements.
Paragon is partnered with SecurityMetrics, a leading Qualified Security Assessor (QSA), to provide merchants with assistance in completing their annual PCI Self-Assessment Questionnaire (SAQ) and quarterly network scans (if applicable). Paragon merchants may enroll in the SecurityMetrics PCI program during the merchant application process or at any time during their relationship with Paragon. All Paragon merchants (regardless if they choose to enroll in the SecurityMetrics program) are required to show an annual attestation of compliance (AOC) and evidence of passing quarterly vulnerability scans with a PCI SSC Approved Scanning Vendor (ASV).
Upon request, Paragon’s Client Services team will provide basic PCI training. Paragon merchants enrolled in the SecurityMetrics program have access to SecurityMetrics’ 24/7 technical support to assist with both SAQ and vulnerability scans.
Paragon is a Level 1 PCI DSS compliant service provider. Our Report on Compliance (ROC) is available upon request.
Get Started Now!
Ready to see our API or open a test account? Looking for more information on our Partner Programs? Are you a merchant with a question? We are here to help!