PayPack logo
PayPack logo
All articles

Security ComplianceUpdated a month ago

About the Company

Nova Module is Oracle NetSuite’s SDN (SuiteCloud Developer Network) partner. The SuiteCloud Developer Network (SDN) is a dedicated, end-to-end program geared toward developers who build specialized and complimentary solutions to extend the NetSuite platform. This is exactly what Nova Module does when it comes to its relationship with Oracle NetSuite and those organizations that use this #1 Cloud ERP.

Nova Module, a could-based integration software company that builds specialized and complimentary integration solutions, is also an approved Stripe Technology Partner.

Architecture Summary

PayPack - Payment Processing Solution for Stripe in NetSuite is a NetSuite SuiteApp which utilizes the best in class technology from NetSuite and Stripe.

Stripe and NetSuite maintain SOC compliance.

In order to be compliant and secure, PayPack uses Stripe Elements to display UI components for payment details within the NetSuite bundle.

A PCI-certified auditor has audited Stripe. We’re a certified PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, we use the best-in-class security tools and practices to maintain a high level of security at Stripe.

Nova Module provides the NetSuite SuiteApp that is installed on the customer's Netsuite account. No customer or payment data is saved on Nova Module's own servers as all data belongs to the customer's NetSuite and Stripe accounts.

Secure Payment Information

When you enter your payment details on our platform, you're interacting with Stripe Payment Elements. This is a secure form hosted directly by Stripe. Here’s how it works behind the scenes:

  1. Direct Transmission to Stripe: As you type your card number, expiration date, and CVC, that data is sent directly from your browser to Stripe's ultra-secure servers. It completely bypasses PayPack's systems.

  2. Secure Identifier Creation: Stripe immediately converts your sensitive details into a secure identifier called a PaymentMethod (e.g., pm_123abc...). This PaymentMethod acts as a stand-in, or "token," for your actual card details.

  3. Safe Handling: Our servers only receive this safe PaymentMethod identifier. We then use this identifier to manage your payments or save your details for future use through Stripe's PaymentIntents (for immediate charges) or SetupIntents (for saving a card).

This process means we can handle billing operations without ever processing, storing, or having access to your raw credit card number. The entire burden of PCI compliance for handling card data is managed by Stripe, which is certified as a PCI Level 1 Service Provider—the most stringent level of certification available in the payments industry.

By using Stripe's advanced infrastructure, PayPack ensures your payment data is protected by world-class security from the moment you enter it.

Was this article helpful?
Yes
No
© 2024 · PayPack. All Rights Reserved.