Updates from the Security team

SECURITY UPDATES

Over the past few months, you may have noticed many updates and changes made to policies regarding data and how BridgePay handles this data. These policies were enacted to help ensure the security of both the end user and the gateway. The following updates will help you to understand these various changes affecting how BridgePay does business.

Geo IP Blocking gives BridgePay the capability to deny service from a geographic area all the way to a specific IP. Please be aware that a particular country could be unblocked or "whitelisted" but an IP within that country could be blocked due to malicious activity. If a customer is being denied access to the gateway, please reach out to our gateway technical support team and provide the IP address. Our security team will validate the IP and determine if BridgePay can whitelist the IP.

GDPR

The General Data Protection Regulation (GDPR) is a Regulation of the European Union. GDPR went into effect earlier this year, and it applies to all organizations that collect and process the personal data of EU citizens.

As a responsible, forward-looking business, BridgePay recognizes at senior levels the need to comply with the GDPR and ensure that effective measures are in place to protect the personal data of our customers, employees and other stakeholders.

Commitment to the security of personal data extends all levels of the organization and will be demonstrated through the relevant policies and the provision of appropriate resources to establish and develop effective data protection and information security controls.

As part of meeting our legal obligations, we have put in place a comprehensive program to understand and validate our use of personal data and to confirm the legal basis of our processing.

BridgePay has made recent changes to our privacy policy in accordance with GDPR.

The current privacy policy can be reviewed here: Privacy Policy

The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.

What this means for BridgePay is that we cannot do business with or accept transactions from certain countries, individuals or entities designated by the U.S. Government as having sanctions against them. In accordance with OFAC sanctions, BridgePay will ensure it complies with the applicable OFAC regulations. As a BridgePay partner, if you are working with entities outside of the US and need to verify compliance, please utilize the link provided by OFAC. Should you need further assistance, you may reach out our Gateway Support team and they will direct your request to our IT department.

OFAC SDN List