Every.org is PCI compliant. We encrypt sensitive information at-rest and in-transit. We also work with HackerOne and their Vulnerability Disclosure Program to continuously perform penetration testing and harden our security.
We do not store payment information on our service and instead use partners that follow industry best practices:
- Our payments processor Stripe has PCI Service Provider Level 1, the most stringent level of certification available in the payments industry.
- Our cryptocurrency processor Coinbase is compliant with BSA and other laws and is SOC 1 and SOC 2 compliant.
- Our securities brokerage First Republic Securities is registered with the SEC and a member of FINRA/SIPC.