Our Commitment to Security

Here at QashGift, our internal security team works day in and day out to ensure that QashGift isn’t just the smartest way to pay, it’s also the safest way to pay. It is our commitment to you, our business partners, our users and everyone in between, to ensure that QashGift sets the golden standard for security in payments.

If you ever have any questions about QashGift’s security, please contact us at [email protected] and we’ll route your inquiry to our security team.

A Multi-Pronged, Redundant and Modern Approach to Security

Below you can find more details on how we approach security.

PCI Compliance

QashGift is 100% compliant to the letter and intent of all PCI regulations, rules and recommendations.

Secured Sockets Layer (SSL)

All payment information is transmitted over SSL.

Data Encryption

All sensitive data transmitted to QashGift is encrypted and stored on secured servers.

All The Security of Your Card

QashGift is definitely a new way to pay, but it isn’t actually a new payment method. It’s just linked to your credit or debit card. So at the most basic level, you get all the security of your card PLUS all the security of QashGift.

No Credit/Debit Card Information Is Stored by QashGift

We do not store your credit/debit card information on QashGift’s servers.

QR Code Security

The data encoded in the QR code you use to transact is NOT your credit or debit card information. The QR code generated do not have any practical usage in other QR reader apps, it can only be verified by our QashGift merchant terminals. Aside from that, multiple authentication layers are incorporated in the verification process to ensure no random generated strings or QR codes can be used to access the system.

Carry QR Code, Not Payment Data

You carry no actual payment data around with you on a daily basis, as opposed to all that live payment data in your wallet right now. This is security on an architectural level. It is perhaps the most fundamental component to our security model. Carrying around live payment data is naturally risky. QashGift ensures that no live payment data is carried on your person, stored in your phone or delivered to the merchant at any time. We believe this shift to be a necessary progression that will eventually be adopted as standard practice by all modern payment providers to ensure the security of your payments.

Pin Lock Your App

You can pin-lock the QashGift app by tapping “Settings” and entering a pin-lock combination. Of course, you can always pin-lock your phone too. Or do both.

Radical Transparency

With each transaction, you get a digital receipt via email and push notification. If something ever looks off, you can reset your code with a single click and stop all activity on your account.

Payment Instrument Never Leaves Your Hand

With QashGift, your phone (the payment instrument) never leaves your hand. This is not the case with other payment instruments, such as a credit or debit card, where at a restaurant the waiter/waitress will normally remove your payment instrument from the table, disappear for 5-10 minutes and then return. With QashGift, the waiter/waitress will bring the QashGift terminal to your table and complete the transaction in front of you. This process-level security improvement eliminates the window of opportunity responsible for the plurality of identity thefts.

Protection against Attacks

To ensure the safety of information stored in our database, our team has set up a rigorous security measures to protect your information from:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • SQL injection
  • URL manipulation
  • Session hijacking
Additional Security Mechanisms

We’re constantly working on more ways to make QashGift the most secure payment method on the planet. Some we’ll publish here to help push the industry forward. Others we’ll keep private. But rest assured, security is our primary focus.

Security Is A Conversation

If you ever have any questions about QashGift’s security, please contact us at [email protected] and we’ll route your inquiry to our security team immediately.