Why is PCI-DSS Important to Alohi?

PCI-DSS is fundamental to Alohi because it directs our efforts in safeguarding payment and cardholder information to the highest standards. Our adherence to the requirements outlined by PCI-DSS ensures that we process, store, or transmit credit card information in a secure environment. Through the rigorous application of necessary network, process, and data security measures, we guarantee robust protection against data breaches and fraud.

Secure Payment

How Does Alohi Process Payments?

Web & Android App Transactions
Alohi processes payments through secure and trusted platforms to ensure the safety and privacy of our customers' financial information. For transactions made via our web and Android applications, we utilize Stripe for credit card payments and PayPal for PayPal transactions. Both services adhere to the stringent PCI-DSS standards, highlighting our commitment to secure payment processing.

iOS App Transactions
In our iOS application, transactions are facilitated through Apple's in-app purchase system, leveraging their robust security measures to protect user data.

Credit Card Information
To further safeguard customer privacy, we do not store credit card details directly. Instead, we use anonymized tokens provided by these payment services, ensuring that sensitive financial information is never held on our systems. This approach underscores Alohi's dedication to maintaining the highest levels of security and trust in our payment processing.

Self Assessment

SAQ-A Self Assessment

SAQ-A is designed for businesses that sell products or services online or take orders via mail or phone, and do not handle or store customers' credit card information themselves. Instead, they use other companies to manage all aspects of credit card transactions. This means they don’t keep, process, or send any credit card details using their own systems or at their physical locations.

At Alohi, we follow this approach for keeping payment information secure. We complete a SAQ-A self-assessment to ensure we meet the required security standards, and we can provide proof of our compliance upon request.