Data Security and Compliance

Yes. We are pleased to inform you that our organization has been and continues to be fully compliant with PCI DSS including version 4.0. This compliance reflects our commitment to maintaining the highest levels of security for payment card data and protecting our customers’ sensitive information. Visa’s Global Registry of Service Providers website provides the record of all payment companies’ PCI DSS compliance, including Cantaloupe’s.

Yes, we are proud that our organization is SOC 2 Type 2 compliant. This certification demonstrates our commitment to maintaining the highest standards of Trust Services Criteria as defined by the American Institute of Certified Public Accountants (Security, Confidentiality, Availability, Processing Integrity, and Privacy) in our operations.

At Cantaloupe, we prioritize the security of your data and are committed to maintaining the highest standards of protection. Our robust security policies are designed to safeguard your information and ensure compliance with industry regulations. Our commitment to security not only protects your information but also fosters trust and confidence in our services. If you have any questions about our security policies or practices, please feel free to reach out to us at [email protected].

Yes, using your credit/debit card at a Cantaloupe card reader is safe. All of our cashless acceptance products undergo rigorous third-party testing and validation. Additionally, the network we use to connect with our devices complies with the strict regulations set by the PCI Security Standards Council (PCI SSC). The PCI SSC establishes the standards that payment system vendors must adhere to when developing their hardware and software. We also ensure our compliance with the PCI DSS on an annual basis, reinforcing our commitment to protecting your payment information.

At Cantaloupe, we prioritize your security by implementing point-to-point encryption (P2PE). This technology safeguards your card information from the moment you make a purchase at our card readers until it reaches the credit card processing company and back through our network. By using P2PE, we ensure that sensitive card data is not stored at the point of acceptance and is protected from interception during transmission. This significantly reduces the risk of fraud and enhances the overall security of your transactions.

In the event of a data breach, Cantaloupe has an incident response plan that includes immediate containment, investigation, and remediation measures. We also notify affected parties and regulatory bodies as required by law.

Customers can report security concerns or potential vulnerabilities by contacting our dedicated security team at [email protected] or through our website’s contact form. We take all reports seriously and investigate them promptly.

At Cantaloupe, your Privacy is very important to us and we work hard to protect your personal information. Our Privacy Policy is available online.