Payments Security
PCI DSS compliance, fraud prevention, and secure payment processing
Payments Security
Tiquo's payments infrastructure is designed to deliver secure, reliable, and globally compliant transactions across online and in-person environments.
Payments security is enforced across every layer of the stack—from fraud prevention and auditability to card terminals and third-party processing—ensuring that sensitive payment data is always protected.
Payments Security Overview
Tiquo aligns its payment infrastructure with PCI DSS Level 1 requirements through its direct integration with Stripe, ensuring cardholder data is handled according to the highest industry security standards.
All payment flows are designed to be auditable, resilient, and secure by default—without requiring customers or businesses to manage complex compliance obligations themselves.
Payments Regulatory Scope
Tiquo is a software platform and does not act as the payment processor or Merchant of Record.
Card payments are processed by regulated payment service providers, including Stripe, and Tiquo does not store cardholder data.
Online Payments
All online payments processed through Tiquo support 3D Secure (3DS) authentication, providing an additional verification layer for high-risk or suspicious transactions.
Fraud prevention is driven by a real-time, machine-learning model that analyses a broad range of signals, including behavioural patterns, device fingerprints, velocity checks, and IP reputation. Suspicious activity is detected and blocked automatically, without interrupting legitimate customers.
| Protection | Description |
|---|---|
| 3D Secure | Additional verification for transactions |
| ML Fraud Detection | Real-time behavioural analysis |
| Device Fingerprinting | Unique device identification |
| Velocity Checks | Rate-based anomaly detection |
| IP Reputation | Known threat source blocking |
| Audit Logs | Complete transaction traceability |
Every online transaction is recorded in full payment audit logs, ensuring complete traceability across digital payment flows.
Secure Development & Engineering Standards
Security is embedded directly into Tiquo's engineering workflow through a modern DevSecOps approach spanning the full development lifecycle.
Automated security scanning, dependency monitoring, and continuous verification ensure vulnerabilities are identified and remediated before release. Infrastructure-as-code and immutable deployment practices enforce consistency across environments while maintaining strong assurance.
| Practice | Implementation |
|---|---|
| Security Scanning | Automated vulnerability detection |
| Dependency Monitoring | Continuous package auditing |
| Continuous Verification | Security checks on every deployment |
| Infrastructure-as-Code | Immutable, consistent deployments |
| API Documentation | OpenAPI standard compliance |
All public and internal APIs are documented using the OpenAPI standard, providing predictable schemas, secure structures, and clear interoperability guidance. These practices ensure every update to the payments system is reliable, testable, and delivered with security as a constant baseline.
Card Terminals (PDQ Security)
Tiquo's card terminals (PDQs) operate on hardware that is certified to EMVCo Level 1 & Level 2, meeting global standards for secure chip-and-PIN and contactless payments.
Terminal infrastructure uses secure cryptographic processes, tamper-resistant hardware design, and continual compliance updates to maintain certified integrity over time.
| Feature | Description |
|---|---|
| Cryptographic Security | Secure key management |
| Tamper-Resistant Hardware | Physical protection |
| Compliance Updates | Continuous certification maintenance |
| Bot Detection | Invisible CAPTCHA and risk scoring |
| Audit Logs | Complete transaction traceability |
Behaviour-based bot detection, including invisible CAPTCHA-style protections and background risk scoring, helps filter abusive or automated activity without disrupting genuine in-person transactions.
Payments Processed by Stripe
Under the hood, Tiquo integrates directly with Stripe, a global leader in secure online payment infrastructure.
Data Handling
All payment information is encrypted and tokenised within Stripe's systems
No Card Storage
Tiquo never stores cardholder data directly
Global Trust
Enterprise-grade fraud prevention and regulatory compliance
Seamless Experience
Fast, secure checkout across regions and currencies
Stripe provides enterprise-grade fraud prevention, regulatory compliance, and a seamless checkout experience across regions and currencies. This integration allows Tiquo to offer fast, secure, and globally trusted transactions without compromise.