Security Is Our First Priority.Cutting-edge technology with world-class security practices - Rebillia meets and exceeds all security and data protection requirements.
Rebillia Keeps You & Your Customers Secure
Every action undergoes several live authentication processes as it is made.
Sensitive data goes through encryption and tokenization processes for maximum security.
Secure Online Channels
For extra security measures, data is splitted and saved in different safe locations.
What Is PCI-DSS?
PCI Compliance Levels 2,3,4 (will mostly be marketed by the company as “Full PCI Compliance”) require an annual Self-Assessment Questionnaire (“SAQ”) and Quarterly network scans. As these levels are all about “check yourself and be honest about it” – they don’t hold any PCI-DSS certificate and are very limited in terms of how many transactions and how much money the are allowed to process.
PCI Compliance Level 1 is the ONLY security level in this category that is thoroughly checked and tested by a Qualified Security Assessor (“QSA”), certificated by the PCI-DSS council themselves. This level of compliance will also offer a certificate known as Attestation of Compliance (“AOC”) that proves the company has been accepted by the PCI-DSS council and works under the council’s regulations all-year-long. As there is no higher level of PCI-Compliance, even major names in the market (for examples: Bank of America and Chase Bank) go through this process every year.
Tip: In order to know you are dealing with a secure, certificated, company – ask them to provide their AOC.
Your Security Is Our Number 1 Priority
Rebillia Platform is a PCI-DSS level 1 service provider
Don’t let information sensitivity hold your store back! With real-time multi authentications, layered data encryptions and managing information through divided secure channels, Rebillia Platform is a PCI-DSS level 1 compliant service that not only complies to regulations, but sets new bars in online card holder data security.
AOC and Responsibility Agreement available upon request.
What Is GDPR?
The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. The concept of “personal data” is broadly defined and covers any information relating to an identified or identifiable individual.
The GDPR identifies two entities that may possess personal data. A data controller which decides which data to collect by controling the processing stage of the information. A data processor which is the one that acts according to the data controller to collect, store, retrieve and/or delete personal data.
Rebillia is mainly a data processor, storing/retrieving/charging credit card information or sending emails to customers, where the merchant’s store is the data collector. But when using Rebillia’s “Recurring Orders” product – Rebillia also takes part as a data controller, when it needs to be able to understand what information is a subscription – and “tell itself” (the controller tells the processor) what to do with the information.
Your Customers Are Our Success
Rebillia Platform supports individual rights
Since the founding of the company, Rebillia has always been all about allowing the end-user individual control their information with full visibility, clarity and ease. We keep developing and serving our customers, and theirs, with the same promise.
How Are The Security Standard Being Enforced?
After receiving initial compliance certification, becoming PCI compliant, the PCI-DSS council, and its certified providers, requires every company to complete compliance efforts and acceptance on a periodic basis while maintaining security checks 24/7.
Not only that our certification is periodically renewed by the best PCI auditors in the business (Security Metrics), but by using our PCI compliant services, we actively help our clients exceed their security requirements.
Secure Implementation Guide
Listed below are tips for every merchant to use in order to keep your end of the security at the best it can be
Must a company be PCI compliant when using a third-party PCI compiant service?
Is taking credit card information over the phone PCI compliant?
Rebillia eliminates the need for extra personnel screening processes by allowing to use a saved credit card also for over the phone purchases without even decrypting or detokenizing the information.
How does Rebillia maintain GDPR compliance?
All information processed, stored or transfered through Rebillia is fully secured, encryped and personal information is only available to authorized viewers (user, and sometimes merchant).
I want to store credit card data. Why use a third-party service?
Using Rebillia Platform as a third party, you remove the risks of independently storing card data and give the responsibility to a compamy that specializes in securely dealing with exactly that! And continuously meets and exceeds all of the PCI-DSS requirements.
How does Rebillia handle information removal requests?
Rebillia has automatic processes set up to remove any information marked for deletion. Information will be marked for deletion upon one of the following:
1. A deletion request has been manually made. (Like a customer unsubscribing themselves).
2. An individual removes their own account. By doing that, Rebillia will also remove all information it has on the removed account.
3. Closing a Rebillia account. Rebillia has a system implemented to delete all information related to a specific closed Rebillia account.