Security at
Every Layer
Security isn't a feature at MyCardLiaison — it's foundational. Here's how we protect your data and your customers' cards.
PCI DSS Level 1
The highest level of PCI compliance. Audited annually by a QSA.
SOC 2 Type II
Security, availability, and confidentiality controls independently audited.
ISO 27001
International standard for information security management.
TLS 1.3 Only
All API traffic encrypted with TLS 1.3. No legacy protocol support.
GDPR Compliant
Full GDPR compliance with a DPA available for EU customers.
Pen-Tested Annually
External penetration testing by a specialist security firm each year.
Responsible Disclosure
If you discover a security vulnerability in MyCardLiaison, please report it responsibly to security@mycardliaison.com. We operate a bug bounty programme and will acknowledge all valid reports within 24 hours.
We ask that you do not publicly disclose the vulnerability until we have had a reasonable time to address it (typically 90 days).