Security - A Better Gift

Our Security Commitment

At A Better Gift, security isn't an afterthought — it's foundational to everything we build. We understand you're trusting us with sensitive financial information, and we take that responsibility seriously.

🔐

Bank-Grade Encryption

All data is encrypted using 256-bit SSL/TLS encryption — the same technology used by major banks

🛡️

PCI DSS Compliant

Payment processing through Stripe, a PCI Level 1 certified service provider

🔍

Fraud Monitoring

24/7 automated monitoring and machine learning to detect suspicious activity

✅

Identity Verification

KYC (Know Your Customer) verification for all fund recipients

Payment Security

We partner with Stripe, one of the world's most trusted payment processors, to handle all financial transactions. This means:

🚫 We Never Store Your Card Numbers

A Better Gift never sees, processes, or stores credit card numbers. All sensitive payment data is handled directly by Stripe's secure, PCI-compliant infrastructure.

Payment Security Features

✓ PCI Level 1 Certified

✓ 256-bit SSL Encryption

✓ 3D Secure Authentication

✓ Tokenized Card Storage

✓ Fraud Detection AI

✓ Secure Bank Transfers

Stripe's Certifications

🏆

PCI DSS Level 1

📋

SOC 1 & SOC 2

🌍

GDPR Compliant

🇺🇸

CCPA Compliant

Data Protection

We protect your personal information with multiple layers of security:

What We Protect

Data Type	Protection Method
Account credentials	Bcrypt password hashing, secure session management
Personal information	Encrypted at rest and in transit (AES-256)
Payment information	Processed and stored only by Stripe (PCI DSS)
Bank account details	Tokenized by Stripe, never stored on our servers
Communication	TLS 1.3 encryption for all data in transit

Infrastructure Security

Cloud Infrastructure: Hosted on enterprise-grade cloud infrastructure with SOC 2 certification
Network Security: Web Application Firewall (WAF), DDoS protection, and intrusion detection
Access Control: Role-based access, multi-factor authentication for internal systems
Regular Audits: Ongoing security assessments and penetration testing
Incident Response: 24/7 monitoring and documented incident response procedures

Account Security

We provide tools and features to help you keep your account secure:

Security Features Available to You

Strong Password Requirements: We enforce minimum password complexity standards
Email Verification: All accounts must verify their email address
Session Management: Automatic logout after inactivity, ability to sign out of all devices
Activity Notifications: Email alerts for important account activity
Identity Verification: Stripe's secure identity verification for fund recipients

🔑 Protect Your Account

We recommend using a unique, strong password for your A Better Gift account. Never share your login credentials, and be cautious of phishing attempts. We will never ask for your password via email or phone.

Fraud Prevention

We employ multiple strategies to prevent fraud and protect our community:

Prevention Measures

Identity Verification: All fund recipients must verify their identity through Stripe's KYC process
Bank Account Verification: We verify that bank accounts belong to the account holder
Machine Learning: AI-powered systems detect unusual patterns and suspicious activity
Transaction Monitoring: Real-time monitoring of all financial transactions
Manual Review: Suspicious activity triggers human review by our Trust & Safety team
Community Reporting: Users can report suspicious requests or activity

What We Monitor For

Unusual contribution patterns
Suspicious account activity
Policy-violating content
Identity verification failures
Chargeback patterns
Geographic anomalies

Privacy & Data Handling

We follow strict principles for handling your data:

Data Minimization: We only collect data that's necessary for the service
Purpose Limitation: We use your data only for stated purposes
Secure Storage: All data is encrypted and stored securely
No Selling: We never sell your personal information to third parties
Data Portability: You can request a copy of your data
Right to Deletion: You can request deletion of your account and data

For complete details, see our Privacy Policy.

Compliance

A Better Gift maintains compliance with applicable regulations:

✓ PCI DSS (via Stripe)

✓ GDPR Compliance

✓ CCPA Compliance

✓ SOC 2 Infrastructure

For detailed information about our regulatory approach, see our Compliance Overview.

Security FAQ

Does A Better Gift have access to my bank account?

No. Your bank account information is securely stored by Stripe. A Better Gift can initiate payouts to your verified account through Stripe's API, but we cannot access your bank account directly or see your full account number.

Is my contribution information private?

Yes. Your contribution details are visible only to you and the request creator. Contributors can also choose to contribute anonymously, hiding their name from the request creator.

What happens if there's a data breach?

In the unlikely event of a security incident affecting your data, we will notify affected users promptly in accordance with applicable laws, investigate the incident, take steps to prevent future occurrences, and cooperate with law enforcement as appropriate.

How do I report a security issue?

If you discover a security vulnerability, please report it to our security team at security@abettergift.com. We appreciate responsible disclosure and will work with you to address the issue.

How can I make my account more secure?

Use a strong, unique password; don't share your login credentials; verify the URL before logging in (abettergift.com); be cautious of phishing emails; and keep your email account secure since it's used for account recovery.

Contact

For security-related inquiries:

Security Issues: security@abettergift.com
Privacy Questions: privacy@abettergift.com
General Support: support@abettergift.com

Security at A Better Gift