Security & compliance

Trust your subscriber data to our world-class security and compliance standards.

PCI Compliance

World-Class Security

Your merchant bank account requires your business to be PCI compliant, and Recurly helps you meet those requirements. Recurly is PCI-DSS Level 1 compliant, the highest level of security a business can offer. Cardholder data is sent directly to Recurly to minimize risk to your business. Recurly meets and exceeds all industry-standard payment security practices to protect you and your customers.

Learn more

User Roles and Permissions

Compliance, Security, and Confidence

Providing only the level of access necessary for a user to perform their role mitigates security risks and supports compliance with company policies. Because we understand that not every user in your organization needs full access to the Recurly app, we support five distinct user permission groups with varying levels of access.

The five permission groups are named to reflect the area of the Recurly application to which the user has been given access: Customers, Reports, Configuration & Integrations, Developers, and Admin. Site administrators have the ability to manage user roles and permissions and make adjustments as necessary. Administrators also have the option for an even more granular level of user control by allowing Read-Only access to the Customers section of the application.

Read our blog post on user roles and permissions

Fraud Management

Protect Your Business and Your Profits

Recurly Fraud Management gives subscription businesses the power to automatically identify and address fraudulent transactions. Businesses safeguard their profit by minimizing chargebacks, and prevent card-not-present, account takeover, and account creation fraud.

Learn more

Data Portability

Your Customer Data Belongs to You

Ensure business continuity and scalability with credit card data that's fully portable. Recurly will export the credit card data that we store for you to another PCI-certified provider should you ever request it. Unlike some cloud computing service providers, Recurly is committed to data portability. It's important to our customers, and it's important to us.

Two-Factor Authentication

An Extra Layer of Security for Logins

Minimize security risks and ensure peace-of-mind with enhanced security and protection through Recurly's PCI-compliant, two-factor authentication. Users are prompted to authenticate providing two pieces of information: their password and a verification code. The additional layer of security ensures that only intended Recurly users can access their account.

Single Sign-On

Improve Account Security and Access

Enhance the security of your customers' sensitive data in Recurly and deliver a streamlined login experience to your employees with single sign-on. Use your single sign-on credentials to access Recurly, providing an additional layer of security and eliminating the need to remember multiple passwords.

Subscription success starts with Recurly

Book My Demo Try it free