Data never touches your device

Square enables trusted transactions between the business and the customers by making secure payments as simple as possible. We do this by bringing to our sellers the technologies and monitoring that once were only available to the largest of merchants.

Square encrypts transactions at the point-of-swipe and tokenizes data once it reaches our servers. We track the purchase as it goes through our software. We monitor your money until it’s deposited into your bank account.

In addition, we monitor each transaction to detect suspicious behavior from swipe to settlement. Square uses our algorithms to spot and freeze malicious or suspicious activity. We’re looking out for you and your customers at each step.

Partners in security

Square is the merchant of record for every transaction, which means we’re dedicated to keeping your business safe. We deal with the banks on your behalf and take care of compliance, regulation and processing so you can focus on running your business. We’ll go to bat for you if someone disputes a transaction and we’ll make sure your money moves quickly and securely into your bank account. Square does the heavy lifting. All you need to do is swipe.

Layered Security

Card-processing systems adhere to the PCI Data Security Standard (PCI-DSS).

Stopping fraud before it happens

We stop fraud via live monitoring programs that analyze transactions as they’re happening. This is known as risk visualization. The approach helps us detect and investigate suspicious activity before a fraudulent charge takes place. This method is not only a pioneering way for us to protect merchants, but it’s also a better way to build an automated system to detect criminals that will scale as our business grows.

Getting stronger as we grow

We’ve designed Square to grow stronger the more people transact. The better data set we have to analyze, the smarter our anti-fraud algorithms become. Think of it this way: if cars on a highway drove by only occasionally, it’d be tough to distinguish the ones speeding from the ones travelling within the limit. But on a crowded highway, it’s easy to spot the reckless driver weaving in and out of traffic. Likewise, more Square customers allow our proprietary systems to spot the bad guys easily.

Secure network, servers, and data

Square’s network and servers are housed in a secure facility monitored around the clock by dedicated security staff.

• Card-processing systems adhere to the PCI Data Security Standard (PCI-DSS).
• Square requires sensitive data to be encrypted using industry-leading methods when stored on disk or transmitted over public networks.
• Square uses standard, well-reviewed cryptographic protocols and message formats (such as SSL and PGP) when transferring data.
• Square requires that cryptographic keys are at least 128 bits long. Asymmetric keys must be at least 2048 bits long.
• Square regularly installs security updates and patches on its servers and equipment.
• Security settings of applications and devices are tuned to ensure appropriate levels of protection.
• Networks are strictly segregated according to security level. Modern, restrictive firewalls protect all connections between networks.
• Web and client application security