From confidential customer details, to payment information or simply product catalogues, our Mechants trust us to keep their data secure, private, and available whenever they need it. We take that responsibility seriously. At Jumpseller, we maintain a security system that:
- Prevents all unauthorized access;
- Supports continuous monitoring for potential vulnerabilities; and
- Embraces ongoing, proactive improvement to stay on top of the latest security tools and threats.
All merchant and customers data including names, shipping, billing addresses, ordered products information and payment information are sent using industry best practices regarding traffic: specifically, we use TLS 1.2 secure channels and support both 128-bit or 256-bit configurations, depending on the browser.
We use Amazon Web Services (AWS) servers to host all user data. We make extensive use of their built-in firewalls and virtual private networks to protect your data against unauthorized remote access. AWS data centers undergo annual certifications to ensure they meet the highest standards of physical and virtual security. You can find more information on AWS security practices at http://aws.amazon.com/security.
All user data is automatically backed up on AWS servers with multiple redundant copies. Additionally, Jumpseller creates independant automatic system full backups every day.
Report a Vulnerability
If you discover any security vulnerability in Jumpseller, please email us: firstname.lastname@example.org. We’ll do our best to fix it right away. We reward and welcome the discovery of vulnerabilities in the system by any security researcher, read more at OpenBugBounty.
We verify account access through a combination of store-code/email/password-based authentication via OAuth 2.0. We offer and recommend using 2FA authentication to all merchants.
When email/password-based authentication is used, we always store individuals passwords with unique salts to add an extra layer of protection to your account.
We also use automated challenge–response tests, to avoid robots or automations to force our authentication systems.
Incident Management and Disaster Recovery
We practice regular recovery drills. We perform hourly backups of all databases and files are backed up automatically after they are uploaded to Jumpseller. Our backups are tested on a regular basis and are stored on multiple A-Z locations plus an off-site for at least 30 days. We have procedures for responding to incidents managed by our dedicated Infrastructure Team. In the event of an incident, we would contact your account owner and work with you throughout.