Your merchant bank account requires your business to be PCI compliant, and Recurly helps you meet those requirements. Recurly is PCI-DSS Level 1 compliant, the highest level of security a business can offer. Cardholder data is sent directly to Recurly to minimize risk to your business. Recurly meets and exceeds all industry-standard payment security practices to protect you and your customers.
User Roles and Permissions
Providing only the level of access necessary for a user to perform their role mitigates security risks and supports compliance with company policies. Because we understand that not every user in your organization needs full access to the Recurly app, we support five distinct user permission groups with varying levels of access.
The five permission groups are named to reflect the area of the Recurly application to which the user has been given access: Customers, Reports, Configuration & Integrations, Developers, and Admin. Site administrators have the ability to manage user roles and permissions and make adjustments as necessary. Administrators also have the option for an even more granular level of user control by allowing Read-Only access to the Customers section of the application.
Ensure business continuity and scalability with credit card data that’s fully portable. Recurly will export the credit card data that we store for you to another PCI-certified provider should you ever request it. Unlike some cloud computing service providers, Recurly is committed to data portability. It’s important to our customers, and it’s important to us.
Minimize security risks and ensure peace-of-mind with enhanced security and protection through Recurly’s PCI-compliant, two-factor authentication. Users are prompted to authenticate providing two pieces of information: their password and a verification code. The additional layer of security ensures that only intended Recurly users can access their account.