All payments through Step Force are processed through Paypal, the #1 payment gateway on the internet.
PayPal offers End-to-end encryption keeping your data and PayPal transactions secure. Here are some of the ways they do that.
When you register or log into PayPal from your computer or mobile device, we make sure you’re connecting with TLS 1.0 or higher and only make HTTPS connections (HSTS). Strong TLS configurations are the current industry standard for trusted communication channels and allow your information to transmit across the internet in a secure manner. Only allowing HTTPS connections helps to reduce your susceptibility to some passive and active attacks.
When you access PayPal via the IOS and Android apps we implement key pinning. Key pinning ensures that when the TLS connection is established by your mobile device it connects only to a true PayPal server. This prevents situations where you launch the app, expecting to connect to PayPal and a PayPal imposter intercepts your connection request and pretends to be us.
PayPal comply with stringent requirements for data protection while in transit and at rest such as PCI-DSS. In addition to industry and regulatory encryption requirements, PayPal’s Information Security Policies and Controls are reviewed by independent third parties to the following industry standards and guidelines: American Institute of Certified Public Accountants SSAE16 SOC1, AT101 SOC2, Sarbanes-Oxley.