Lobster Ink takes great care to ensure that any payments you make on our platform are done so with the highest degree of security and online safety. Lobster Ink does not store credit card details, and passes all credit card transactions through a dedicated payment gateway.
Safety is a big deal for our payment gateway. Want more info? Let’s get TECHNICAL!
The payment gateway is fully PCI DSS 3.2 compliant as a Level 1 Service Provider, which is the key security standard within the payments industry.
On top of this, the gateway is fully supervised by the Dutch Central bank as a payment institution and complies with all the requirements of the European Commission’s Payment Service Directive (PSD, 2007/64/EC), as well as being compliant with ISAE3402/SOC 1 (Service Organisational Control 1), which evaluates and tests the internal controls around financial reporting of a service organisation. It reflects the compliance with policies and procedures of the service organisation through monitoring, training and checks on policies and procedures.
The payment gateway is audited by Trustwave, an ASV and a QSA for the Payment Card Industry Security Standards Council. As a principal member and licensed acquirer of Visa and MasterCard, also adhering to the card schemes’ operating regulations. This is subject to yearly audits by Visa, MasterCard and the banks it partner with.
Finally, if you are still with us, the payment gateway operates independent anti-DDOS solutions from two different vendors. Regarding the secure storage of cryptographic keys, the gateway uses HSMs to which no individual access by anyone is granted.