Highest industry security standards and certifications
Our cardholder data is protected by bank-level data encryption and is stored in a PCIDSS level-1 compliant data centre in the EEA. All data passed between our servers and third parties is 2048-bit SSL encrypted. Card transactions data is transmitted via VPN-tunnels to a certified PCIDSS level-1 processor.
This means all your data and information is safe and secure at all times. We also perform regular penetration tests to find and prevent any security vulnerabilities.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes (including MasterCard and Visa). The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.
Preventing fraud before happens
At Pleo, we have developed fraud monitoring, detection and prevention tools to detect and prevent fraudulent behavior before it actually happens.
All purchases done with Pleo cards are tracked in real-time, so if you suspect unauthorized use of your card, you can block the cards at any time from the Pleo web or mobile apps.
Pleo customers are also protected by the MasterCard Zero Liability Policy, which means that you will not be held responsible for unauthorized transactions if: You have used reasonable care in protecting your card from loss or theft; and You promptly reported loss or theft to your financial institution.
Regulated and ring-fenced protected accounts
As with the data and information protection, we apply the highest security standards and partner with biggest and most reputable partners and banking institutions when protecting your company funds.
When loading your Pleo account, your money will be held in a ring-fenced bank account on trust with NatWest (National Westminster Bank Plc) owned by The Royal Bank of Scotland Group (RBS). (The UK Government is the majority owner of RBS).)
This means that funds are held securely in an escrow account and can be accessed and used only by your company.