Security

Tamper-proof design

We adhere to PCI PTS 4.1, the highest industry standard that ensures our card reader’s hardware and software is tamper-proof. In fact, the reader self-destructs if someone tries to interfere with it.

Safe encryption

All credit card data is encrypted by HSMs cryptographic servers, according to the strictest standards – to make sure your customers’ sensitive information is never compromised.

Transaction protection

In the rare case that a customer disputes a charge, Zettle offers transaction protection that covers up to £250 in eligible chargebacks per month. Manual Card Entry transactions are not eligible for transaction protection.

Boost your security

Learn the steps you can take to keep your personal data safe when using Zettle.

Read our cybersecurity checklist

Trust us, we're certified

We are EMV (Europay, MasterCard and Visa) approved and comply with the strict "Payment Card Industry Data Security Standard" (PCI DSS) for handling card data.

The POS system with special PayPal powers

When you sign up to Zettle you’ll create a PayPal Business account. Your Business account gives you fast access to your funds, so you can move money to your bank, pay for goods and services, or transfer funds to pay vendors. You can also request a PayPal Business Debit Mastercard® for quick access to your funds and cashback on eligible purchases.*

Secure organisation

PayPal UK Ltd which is authorised and regulated by the Financial Conduct Authority (FCA) as an electronic money institution under the Electronic Money Regulations 2011 for the issuance of electronic money (firm reference number 994790), and is dedicated to keeping your business safe. All employees act in accordance with security policies designed to keep your data safe. We’re here to empower your business and put your mind at rest.

Secure software

All our software is developed following strict industry-standard best practices, such as OWASP and PCI DSS guidelines.

Fraud protection

We work to prevent fraud before it happens with advanced systems that monitor every transaction that’s being processed, 24 hours a day. All traffic is logged and supervised to detect any unusual or suspicious activity. If our service is abused, we will terminate and block the user's account immediately.

Sign up and start taking secure payments

PCI certified

Zettle is a PCI certified company, this means we comply with all the requirements of the Payment Card Industry Data Security Standard (PCI DSS). By doing so we can ensure a secure network for all our users, protect cardholder data and react quickly to vulnerabilities if they appear.

As a PCI certified company, you can be confident that your information, and that of your customers, is always safe — whether we’re storing, processing or transmitting data.

* PayPal Business Debit Mastercard ® Terms and Conditions apply and can be viewed here.