RunSignUp

< ABOUT

PCI COMPLIANACE

Secure Transaction Processing

PCI Level 1

RunSignUp has achieved the highest level of PCI compliance as evidenced by our Attestation of Compliance. Our volume of transaction processing required us to go through a rigorous certification process, which included onsite reviews and scanning and vulnerability testing with an independent third party Qualified Security Assessor. As part of the certification process we implemented the following advanced security measures:

  • Secure password storage with protections like bcrypt
  • Secure user input fields with SQL prepared statements to prevent XXS attacks and SQL injection as well as CSRF attacks
  • Advanced encryption key management procedures
  • Secure network configurations with multiple levels of firewalls
  • Employee, customer, participant segmentation and access control and login management
  • 100% code review and change logs
  • System hardening including implementation of Center for Internet Security recommendations
  • OSSEC log analysis
  • AntiVirus scanning including ClamAV
  • Constant vulnerability scanning including implementing Nessus
  • Monthly process to install security patches

Payment Facilitator

RunSignUp has taken steps as a company to meet stringent security, banking, VISA and MasterCard processing rules to become an authorized intermediary (Payment Facilitator) between credit card holders (registrants) and race owners. This means that with our Advanced Payment Accounts we never handle your race proceeds. After the credit card transactions are settled for your race, the race proceeds are held in escrow for your benefit with our back end credit card processing company. Funds transfers to you happen accurately and on time by either ACH or check based on the frequency of payment you have requested.


Data Privacy

Data privacy is important to you and to your participants. Whenever we collect or transmit sensitive data, that data is encrypted and transmitted in a secure way. We don't sell or share participant data with anyone other than the owner or Event Director of the event for which a participant has signed up. RunSignUp will not market or sell anything directly to participants who use our site. We only collect credit card information when a participant requests us to and if requested it is stored securely with a third party PCI Level 1 compliant vendor who specializes in credit card storage. View our Privacy Policy for more info.


What should you look for in evaluating data security and transaction processing in a race technology provider?

  • Does the provider have secure, scalable technology?
  • Are they PCI Level 1 compliant with independent auditors?
  • Do they keep your race funds separate from the funds that they use to operate their business?
  • Do they have a privacy policy for how they will collect, store, and share data?
  • Will they use participant data to market or sell unrelated events, subscriptions, or other items to your race participants?
  • Do they have a proven track record in the industry?

PCI Compliance

RunSignUp is a Level 1 PCI-DSS (Date Security Standard) Service Provider. We have undergone a rigorous independent third party assessment to achieve this designation.

E-Mail
From Our Blog:
Nov 22nd, 2017
Charity Payments Bug

We discovered a small bug in our software that has affected races using Braintree Marketplace for payment, who also have Charities setup to get paid directly, where the Charity is paying the processing fee. This affected: 19 races out of the 29,000 races held since this bug was introduced 460 Transactions out of the 5,376,000 … Continue reading "Charity Payments Bug"

Nov 16th, 2017
Participants and Spectators Celebrate with RaceJoy!

This past weekend, RaceJoy was offered at two premier road races, the Madison Marathon in Wisconsin and the Charlotte Marathon in North Carolina. The races provided RaceJoy’s live phone tracking, progress alerts and cheer messages to participants and their supporting friends and families. Another big weekend for RaceJoy, with 12,400 people using the app and … Continue reading "Participants and Spectators Celebrate with RaceJoy!"

What Our Customers Say:

“The software itself is by far the best I’ve seen, and I’ve looked at all of them. It saves so much time, there are no bugs…it’s super easy to use.”

- Josh Spiker, Vendurance