iZettle is approved by EMV (Europay, MasterCard and Visa) and adhere to the requirements of the global "Payment Card Industry Data Security Standard" (PCI DSS) for handling card data.
All system development follows the industry-standard OWASP guidelines, and the entire system is hosted in a PCI certified server environment with 24-hour surveillance.
More Secure by the Minute
We have advanced systems that monitor each and every transaction that’s being processed. There’s also an entire team dedicated to monitoring sign-ups, payments and deposits, and developing new processes that make sure that we stay at the forefront of security and risk management.
All traffic is logged and supervised to detect any unusual or suspicious activity, which means that as our system grows and develops, so do our security processes. In other words, iZettle is secure and becomes more so by the minute.
People and Processes
To keep iZettle safe and secure, we need to know who we are working with. We have advanced processes for getting to know our users, and constantly monitor the systems for unusual or suspicious behaviour.
Naturally, all employees and consultants work in regulation with industry standard security protocols, and only staff with absolute requirement can access sensitive data. So if someone doesn't need the information, they won't see it.
To make sure that we remain at the forefront of payment security, our systems are regularly inspected by internal as well as external security experts.
All sensitive data is encrypted, using advanced cryptographic algorithms, and protected by VeriSign Extended Validation SSL certificates.
Chip-card data is encrypted in the card reader, and never stored on the device or smartphone. This means that if a mobile device or an iZettle chip-card reader is ever lost or stolen, card details and money remain safe.
An E-money Institution
iZettle is an E-money Institution, and as such, we're under the supervision of the Swedish Financial Supervisory Authority. Being regulated by the Financial Supervisory Authority is a great commitment, but it is also a necessity for a company like us. It is a quality mark that means we have great risk management and are a well managed organisation overall.
It is the FSA's duty to protect consumers and the general trust for the financial system, so being a user of a supervised firm like iZettle, you can trust that we comply with all relevant laws and regulation and take our users interests very seriously. In short, being an E-money Institution, we work hard to take great care of the financial system in general, and our users and your customers in particular.
We will do everything in our power to keep our users details and all other sensitive data safe. If our service is abused, we will terminate and block the user accounts, card reader and application immediately. Naturally, we do not tolerate fraud, intrusion attempts or other abuse and we will report such offences to the relevant local authorities and law enforcement organisations.
We constantly evaluate our work and push the boundaries of what's possible in terms of security in technology, processes and people. In short, we worry about your and your customer's safety, so you don't have to.
If you have any questions or if you ever experience any problems with our service, please get in touch immediately!