World Class Compliance

Entropay is PCI-DSS Level 1 compliant. This is the same high level PCI compliance required for your bank.


All Entropay traffic goes over TLS 1.2 (Transport Layer Security). We perform regular vulnerability scanning and penetration testing following OWASP best practices.


All sensitive data is encrypted using AES-256 with regular encryption key rotation.

Data Management

Entropay customer data is co-located in two geographically separate locations for redundancy.