Advanced encryption and security standards to support our clients and partners

Data Centre & Network Security

Hosting and Storage Facilities

Raincheck hosts its application primarily in Leaseweb data centers that have been certified as ISO 27001, PCI/DSS, SOC 1 Type II, HIPAA, and/or NEN 7510compliance.

Encryption

All data sent to or from Raincheck is encrypted in transit using 256-bit encryption.

Our API and application endpoints are TLS/SSL only. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.

We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.

Back-Ups and Monitoring

On an application level, we produce audit logs for all activities. All actions taken on production consoles or in the Raincheck application are logged.

DDoS Mitigation

Raincheck has architected a multi-layer approach to DDoS mitigation via Leaseweb DDoS IP Protection.

Security and anonymity

Raincheck leverages on Nginx Reverse Proxy for all incoming connections provides an outstanding level of security and reliability

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for 2 their job. Raincheck is served 100% over HTTPS. Raincheck runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Raincheck’s network.

Application & Product Security

Framework Security Controls

OmniSpce leverages modern and secure open-source frameworks with security controls to limit exposure to OWASP Top 10 security risks. These inherent controls reduce our exposure to SQL Injection (SQLi), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), among others.

Permissions

We enable permission levels within the application to be set for the various user groups. Fine-grained permission and access management gives you a full range of options to fine-tune permissions and rights regarding your company’s security directives

Password and Credential Storage

Raincheck enforces a password complexity standard and credentials are stored using a PBKDF function (bcrypt).

Quality Assurance

Our Quality Assurance (QA) department reviews and tests our codebase. Dedicated application security engineers on staff identify, test, and triage security vulnerabilities in code.

Separate

Testing and staging environments are logically separated from the Production

Environments

environment. No Service Data is used in our development or test environments.

Others

Confidentiality

All employee contracts include a confidentiality agreement

EU - US Privacy Shield
SOC 2 Type II Attested
ISO 27001 Certified

Connect Raincheck to your website
and begin delivering conversational customer experience

The platform you need to streamline your customer experience with ease.

  • Free 30-day trial
  • No credit card required
  • Cancel anytime
Book a Demo