Extensions never send any information to Toast's servers without user action.Īny data collection is not done by extension unless requested by the user. Additionally, unique (per user/per device) and regularly updated security tokens are used to ensure even higher safety of personal information.Īll Toast extensions communicate with the server only through an encrypted connection to API. Network AccessĪccess to users' data is only possible via encrypted connections according to industry best-practices HTTPS and Secure Sockets Layer (SSL). Firewalls, best-in-class router technology Intrusion Detection and/or Prevention technologies (IDS/IPS) are implemented by our hosting provider, which monitor and/or block malicious traffic and network attacks. Our API is SSL-only and you must be a verified user to make API requests.Īll access to the Toast network is restricted to HTTPS encrypted connections. Toast follows secure credential storage best practices by never storing passwords in a human-readable format, and only as of the result of a salted, one-way hash. We offer our own local sign-in as well as Google, Apple & Facebook Authentication services. 👁 Authentication Security Authentication Options.Stripe’s security information is available online.
Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Instead, we depend on Stripe, a company dedicated to this task. When you purchase a paid Toast subscription, your credit card data is not transmitted through nor stored on our systems.
0 kommentar(er)
