Our Commitment to Security
Here at InVibe, our internal security team works day in and day out to ensure that InVibe isn’t just the smartest way to pay, it’s also the safest way to pay. It is our commitment to you, our business partners, our users and everyone in between, to ensure that InVibe sets the golden standard for security in payments.
If you ever have any questions about InVibe’s security, please contact us at support@inVibe.me and we’ll route your inquiry to our security team.
A Multi-Pronged, Redundant and Modern Approach to Security
Below you can find more details on how we approach security.
InVibe is 100% compliant to the letter and intent of all PCI regulations, rules and recommendations.
All sensitive data transmitted to InVibe is encrypted and stored on secured servers.
All The Security of Your Card
InVibe is definitely a new way to pay, but it isn’t actually a new payment method. It’s just linked to your credit or debit card. So at the most basic level, you get all the security of your card PLUS all the security of InVibe.
No Credit/Debit Card Information Is Stored by InVibe
We do not store your credit/debit card information on InVibe’s servers. We have partnered with A local payment gateway, a globally respected payment gateway, to leverage their secure vault solutions for all credit/debit card storage. All data sent to InVibe’s servers is encrypted and our servers are protected by industry standard measures. By leveraging a local payment gateway for storage, we are able to add another powerful layer of security to InVibe.
Triple Token System
The data encoded in the QR code you use to transact is NOT your credit or debit card information. It’s a randomly generated token with no meaningful information in it. You can reset it at any time. It maps to a token on our servers which maps to yet another token in the A local payment gateway Vault. Only the combination of these tokens (and two other factors of authentication) can initiate a transaction.
Carry Tokens, Not Payment Data
Our triple token system means that you carry no actual payment data around with you on a daily basis, as opposed to all that live payment data in your wallet right now. This is security on an architectural level. It is perhaps the most fundamental component to our security model. Carrying around live payment data is naturally risky. InVibe ensures that no live payment data is carried on your person, stored in your phone or delivered to the merchant at any time. We believe this shift to be a necessary progression that will eventually be adopted as standard practice by all modern payment providers to ensure the security of your payments.
Instant Code Reset
Because your QR code is simply a token, and not actual payment data, you can at any time reset your code from within your account online. This will regenerate your code, invalidate the old one, and de-authenticate all devices logged into your account. Simply log back in to get your new code.
Pin Lock Your Account
Every user creates their own personal pin to be able to top up additional funds on their inVibe account, this adds security so that no one can tamper with your balance.
With each transaction, you get a digital receipt via push notification. If something ever looks off, you can reset your code with a single click and stop all activity on your account.
Payment Instrument Never Leaves Your Hand
With InVibe, your phone (the payment instrument) never leaves your hand. This is not the case with other payment instruments, such as a credit or debit card, where at a restaurant the waiter/waitress will normally remove your payment instrument from the table, disappear for 5-10 minutes and then return. With InVibe, the waiter/waitress will bring the InVibe terminal to your table and complete the transaction in front of you. This process-level security improvement eliminates the window of opportunity responsible for the plurality of identity thefts in the United States.
Additional Security Mechanisms
We’re constantly working on more ways to make InVibe the most secure payment method on the planet. Some we’ll publish here to help push the industry forward. Others we’ll keep private. But rest assured, security is our primary focus.