World-class security at work 24/7/365 to protect your—and your customers’—data. Recognized on the Visa Global Registry of Service Providers, Recurly’s PCI-DSS Level 1 compliant platform meets or exceeds all industry-standard payment security practices.
Secure and protect the application and data by using robust, configurable user access controls. Maintain a compliant, best-practices approach while ensuring those who need data access can get what they need.
Confidently expand into new markets without compliance concerns. Our platform and practices are continually updated, tested, and enhanced to ensure our customers’ compliance with global and local mandates.
Industry-leading data, application, and network security infrastructures with built-in adherence to global compliance mandates.
Focus on your business—we’ve got security handled. All customer data is encrypted—at rest and in transit—and sensitive data is securely stored in tools like Google KMS. Best-in-class tools work 24/7 to secure and monitor our infrastructure and networks.
Keep business moving faster—Recurly will match your pace. Built on highly scalable, industry-leading service providers such as Google Cloud, our platform allows you to scale confidently—and instantaneously—without disruption.
Ensure proper access with configurable user roles and permission controls that fit the way you work. Recurly works behind the scenes to enforce and audit access with SAML, SSO, and audit logs.
Wherever you grow, we know the rules. We’re SOC II Type 2 and PSD 2 compliant and meet CCPA and GDPR requirements. We engage third party auditors and pentesters to ensure the highest quality standards.
secured partner integrations
partner and gateway integrations
global brands on Recurly
active subscribers globally
Recurly takes complex subscription billing issues like PCI compliance, mandates, GDPR, and more, and makes it a breeze for Proposify.
Recurly is PCI-DSS Level 1 compliant, a standard that specifies best practices and specific security controls. Cardholder data is sent directly to Recurly to minimize risk to your business. Recurly provides a secure environment that delivers above industry security standards and guidelines.
All organizations processing credit card information, regardless of their deployment model, are required to be certified. Your merchant bank account requires your business to be PCI compliant, and Recurly helps meet those requirements.
Sensitive information is stored using several layers of encryption in a segmented network with no public internet access. New encryption keys are generated on a daily basis, and existing keys are rotated on a regular basis. Sensitive information is encrypted by an SSL connection when in transit over public networks with SSL connections using TLS v1.2 or above. Learn more about subscription fraud trends.
Recurly application development follows industry-standard secure coding guidelines. The application is segmented by function to maintain security.
Recurly is hosted on the Google Cloud Platform with the highest level and measures for security. All access to Recurly's network and services is strictly logged. Audit logs are reviewed on a regular basis. Internal and external network penetration tests are performed on a regular basis by third-parties. Two-factor authentication and strong password controls are required for administrative access.