Interested in the security of your and your customers' data?  

You're smart to be!  One of the things that got us fired up about building this app was seeing how other developers in the field were handing the security of customer data, including credit card information. We stay on top of the latest security whitepapers, network practices and software patches to ensure you and your customer's data remains safe. Lee is a regular of Hacker News , /r/webdev , and other more boring (and more technical) sources. 

Interested in running your own spot test of Gingr's security? Click the button below to run a live scan of our encryption technology. Af of 3/3/2015, we rate an A+ by Qualsys SSL Labs - the industry leader in SSL research.


  • Back-ups performed twice daily and are saved to three continents.
    • If a backup fails, Lee's iPhone goes off.
  • Saves credit cards for one-click use without storing actual card numbers  (we use tokenization)
    • Tokenization is the process of exchanging a credit card number for a random string of letters and numbers.
    • This process occurs between your device and your merchant processor
    • Gingr can not touch, see or feel a real credit card number. Ever.
  • 24/7/365 monitoring of the application, firewall, and database security comes standard (the whole team is notified within seconds if there's an issue)
    • We use a combination of New Relic and Rackspace's monitoring tools.

And furthermore:

  • OpenCloud stack in North America, Europe and Asia
    • We're fault tolerant ... so are our servers
  • Passwordless servers (2048-bit SHA2 encryption)
    • We use strong cryptography to log into our servers, not password1234!
    • Best guesses say that 2048-bit encryption could possibly require millions of computers over a year and a team of experts to crack.
  • File and database servers are not connected to a public network
    • If someone wanted to gain access our database, they'd have to get onto our network and then into our servers first
  • You can backup your data yourself, anytime, anywhere
    • Please do this. You'll thank yourself later
  • All requests utilize 2048-bit encryption using modern cryptography
  • Weekly maintenance schedule
    • We click "Yes" to system updates :)
  • Annual penetration testing
    • We pay someone to try and gain access to our systems every year.