
Security & Compliance
Built for fintech, retail and e-commerce environments, our solutions combine robust security standards, strong governance and regulatory compliance at scale.

Certifications & Regulations

ISO 27001 — Information Security Management
Buybox is ISO 27001 certified, the international standard for information security management. This certification demonstrates our structured approach to risk management, supported by processes and infrastructure designed to prevent, detect and respond to security incidents in line with international best practices.

Payment Institution Licence
Buybox operates within a regulated framework as a licensed Payment Institution, authorised by the ACPR for Buybox Network. This trusted third-party status ensures strict compliance, as well as a high level of security and transparency in the management of financial flows related to gift card programmes.

Security Measures

Penetration Testing
The security of our infrastructure is regularly assessed through independent penetration tests. These audits help us proactively identify and address potential vulnerabilities across our infrastructure, APIs, web applications and payment flows. Testing is conducted by independent cybersecurity experts, using recognised methodologies and industry best practices.

Built-in Anti-Fraud Controls
Our solutions include dedicated fraud detection and prevention mechanisms for card payments made during gift card purchases. Each order is analysed through a scoring system based on multiple signals, including payment authentication, geolocation, purchasing behaviour and transaction velocity. High-risk transactions may be automatically blocked or manually reviewed. For Buybox Network, these controls are reinforced with specific anti-fraud checks on bank transfers.

Security Documentation & Governance
We make a comprehensive library of security, compliance and governance documents available on request.